Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3257

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-3257
Last Modified 19 Mar 2012 12:00:00
Published 18 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3257

Summary

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.14.4


References

UBUNTU - USN-231-1

BID - 15122

MANDRIVA - MDKSA-2005:235

MANDRAKE - MDKSA-2005:220

MANDRAKE - MDKSA-2005:219

MANDRAKE - MDKSA-2005:218

DEBIAN - DSA-1018

DEBIAN - DSA-1017

SECUNIA - 19374

SECUNIA - 19369

SECUNIA - 19185

SECUNIA - 18203

SECUNIA - 17995

SECUNIA - 17826

SECUNIA - 17226

REDHAT - RHBA-2007-0304

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334113


Last Updated: 27 May 2016 10:42:30