Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0777

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2008-0777
Last Modified 05 Sep 2008 05:35:57
Published 14 Feb 2008 09:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-0777

Summary

The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.

Vulnerable Systems

Operating System

  • Freebsd 5.5

  • Freebsd 6.2

  • Freebsd 6.3

  • Freebsd 7.0


References

BID - 27789

FREEBSD - FreeBSD-SA-08:03

SECTRACK - 1019416

SECUNIA - 28928


Last Updated: 27 May 2016 10:46:56