Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5736

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-5736
Last Modified 21 Sep 2011 11:02:07
Published 26 Dec 2008 01:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-5736

Summary

Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.

Vulnerable Systems

Operating System

  • Freebsd 6

  • Freebsd 6.0

  • Freebsd 6.0 P5 Release

  • Freebsd 6.1

  • Freebsd 6.2

  • Freebsd 6.2 Releng

  • Freebsd 6.3

  • Freebsd 6.3 Releng

  • Freebsd 6.4

  • Freebsd 7.0

  • Freebsd 7.0 Beta4

  • Freebsd 7.0 Releng

  • Freebsd 7.1


References

XF - freebsd-netgraph-bluetooth-priv-escalation(47570)

SECTRACK - 1021491

BID - 32976

MILW0RM - 7581

EXPLOIT-DB - 16951

SREASON - 8124

FREEBSD - FreeBSD-SA-08:13

SECUNIA - 33209

OSVDB - 50936


Last Updated: 27 May 2016 10:48:54