[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2004-0114Date: (C)2004-03-03   (M)2023-12-22


The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.6
Exploit Score: 3.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://marc.info/?l=bugtraq&m=107608375207601&w=2
OSVDB-3836
BID-9586
FreeBSD-SA-04:02
NetBSD-SA2004-004
bsd-shmat-gain-privileges(15061)
http://www.openbsd.org/errata33.html#sysvshm
http://www.pine.nl/press/pine-cert-20040201.txt

CPE    3
cpe:/o:openbsd:openbsd
cpe:/o:freebsd:freebsd
cpe:/o:netbsd:netbsd

© SecPod Technologies