ID |
CVE-2004-0482
|
Summary |
Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.6 (as of 14-02-2024 - 01:17) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
confirm | - ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/020_procfs.patch
- ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/006_procfs.patch
| fulldisc | 20040517 OpenBSD procfs | misc | http://www.deprotect.com/advisories/DEPROTECT-20041305.txt | mlist | [openbsd-security-announce] 20040513 procfs vulnerability | openbsd | - 20040513 [3.4] 020: SECURITY FIX: May 13, 2004
- 20040513 [3.5] 006: SECURITY FIX: May 13, 2004
| osvdb | 6114 | secunia | 11605 | xf | openbsd-procfs-gain-privileges(16226) |
|
Last major update |
14-02-2024 - 01:17 |
Published |
07-07-2004 - 04:00 |
Last modified |
14-02-2024 - 01:17 |