CVE-2007-1523 - Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and

CVE-2007-1523

Summary

Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329.

References

http://kernelwars.blogspot.com/2007/01/alive.html
http://osvdb.org/34593
http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson
http://www.securityfocus.com/bid/22945

Vulnerable Configurations

cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 28-08-2013 - 05:28)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	22945
misc	http://kernelwars.blogspot.com/2007/01/alive.html http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson
osvdb	34593

Last major update

28-08-2013 - 05:28

Published

20-03-2007 - 20:19

Last modified

28-08-2013 - 05:28