ID CVE-2007-0085
Summary Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference.
References
Vulnerable Configurations
  • cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*
CVSS
Base: 6.0 (as of 29-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:H/Au:S/C:C/I:C/A:C
refmap via4
misc http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf
mlist
  • [openbsd-cvs] 20070103 CVS: cvs.openbsd.org: www
  • [openbsd-cvs] 20070103 Re: CVS: cvs.openbsd.org: src
openbsd
  • [3.9] 017: SECURITY FIX: January 3, 2007
  • [4.0] 007: SECURITY FIX: January 3, 2007
osvdb 32574
sectrack 1017468
secunia 23608
vupen ADV-2007-0043
xf openbsd-vga-privilege-escalation(31276)
Last major update 29-07-2017 - 01:29
Published 05-01-2007 - 11:28
Last modified 29-07-2017 - 01:29
Back to Top