Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1588

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-1588
Last Modified 05 Sep 2008 05:02:19
Published 03 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1588

Summary

The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.

Vulnerable Systems

Operating System

  • Netbsd 1.6

  • Netbsd 1.6.1

  • Netbsd 1.6.2

  • Netbsd 2.0

  • Netbsd 2.0.1

  • Netbsd 2.0.2

  • Netbsd 2.0.3

  • Netbsd 2.1

  • Netbsd 3.0


References

BID - 17312

SECTRACK - 1015846

SECUNIA - 19464

NETBSD - NetBSD-SA2006-005

XF - bsd-ifbridge-information-disclosure(25582)

OSVDB - 24262


Last Updated: 27 May 2016 10:42:08