1. CVE-Search
  2. CVE-2004-0482
ID CVE-2004-0482
Summary Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities.
References
Vulnerable Configurations
  • cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 14-02-2024 - 01:17)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm
  • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/020_procfs.patch
  • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/006_procfs.patch
fulldisc 20040517 OpenBSD procfs
misc http://www.deprotect.com/advisories/DEPROTECT-20041305.txt
mlist [openbsd-security-announce] 20040513 procfs vulnerability
openbsd
  • 20040513 [3.4] 020: SECURITY FIX: May 13, 2004
  • 20040513 [3.5] 006: SECURITY FIX: May 13, 2004
osvdb 6114
secunia 11605
xf openbsd-procfs-gain-privileges(16226)
Last major update 14-02-2024 - 01:17
Published 07-07-2004 - 04:00
Last modified 14-02-2024 - 01:17
Back to Top