CVE-2006-0380 - A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffe

CVE-2006-0380

Summary

A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory.

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc
http://secunia.com/advisories/18599
http://securitytracker.com/id?1015541
http://www.osvdb.org/22731
http://www.securityfocus.com/bid/16373
https://exchange.xforce.ibmcloud.com/vulnerabilities/24340

Vulnerable Configurations

cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	16373
freebsd	FreeBSD-SA-06:06
osvdb	22731
sectrack	1015541
secunia	18599
xf	bsd-buffer-length-disclosure(24340)

Last major update

20-07-2017 - 01:29

Published

25-01-2006 - 22:03

Last modified

20-07-2017 - 01:29