Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1125

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2002-1125
Last Modified 10 Sep 2008 03:13:55
Published 24 Sep 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1125

Summary

FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.

Vulnerable Systems

Operating System

  • Freebsd 4.2

  • Freebsd 4.3

  • Freebsd 4.4

  • Freebsd 4.5

  • Freebsd 4.6


References

BID - 5720

BID - 5719

BID - 5718

BID - 5716

BID - 5714

XF - bsd-libkvm-descriptor-leak(10109)

VULNWATCH - 20020916 iDEFENSE Security Advisory 09.16.2002: FreeBSD Ports libkvm Security Vulnerabilities

FREEBSD - FreeBSD-SA-02:39


Last Updated: 27 May 2016 10:37:12