CVE-2006-5679 - Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of

CVE-2006-5679

Summary

Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

References

Vulnerable Configurations

cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 11-10-2011 - 04:00)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

apple	APPLE-SA-2007-03-13
bid	20918
cert	TA07-072A
cert-vn	VU#552136
confirm	http://docs.info.apple.com/article.html?artnum=305214
misc	http://projects.info-pull.com/mokb/MOKB-03-11-2006.html
mlist	[freebsd-security] 20070114 MOAB advisories
sectrack	1017751
secunia	22736 24479
vupen	ADV-2007-0930

Last major update

11-10-2011 - 04:00

Published

03-11-2006 - 22:07

Last modified

11-10-2011 - 04:00