Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4783

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-4783
Last Modified 05 Sep 2008 04:57:49
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4783

Summary

kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.

Vulnerable Systems

Operating System

  • Netbsd 1.6

  • Netbsd 2.0

  • Netbsd 2.0.3

  • Netbsd 2.1


References

NETBSD - NetBSD-SA2006-001

OSVDB - 20729

SECTRACK - 1015132

CONFIRM - http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727

CONFIRM - http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h

CONFIRM - http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c

MLIST - [netbsd-announce] 20051031 Announcing update 2.0.3 - source only


Last Updated: 27 May 2016 10:41:26