Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0145

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-0145
Last Modified 05 Sep 2008 04:58:28
Published 09 Jan 2006 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0145

Summary

The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call.

Vulnerable Systems

Operating System

  • Netbsd 1.6

  • Netbsd 1.6.1

  • Netbsd 1.6.2

  • Netbsd 2.0

  • Netbsd 2.0.1

  • Netbsd 2.0.2

  • Netbsd 2.0.3

  • Netbsd 2.1


References

BID - 16173

MISC - http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html

BUGTRAQ - 20060202 [SLAB] NetBSD / OpenBSD kernfs_xread patch evasion

OSVDB - 22293

SECUNIA - 18712

SECUNIA - 18388

NETBSD - NetBSD-SA2006-001

XF - netbsd-kernfs-memory-disclosure(24035)

SREASON - 405


Last Updated: 27 May 2016 10:41:32