Lucene search
HistorySep 24, 2002 - 4:00 a.m.
CVE-2002-0973
cve-2002-0973
freebsd
integer signedness error
system calls
kernel memory
security vulnerability
nvd
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
19.7%
Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl.
Affected configurations
Node
freebsdfreebsdMatch4.0
ORfreebsdfreebsdMatch4.1
ORfreebsdfreebsdMatch4.1.1
ORfreebsdfreebsdMatch4.1.1release
ORfreebsdfreebsdMatch4.1.1stable
ORfreebsdfreebsdMatch4.2
ORfreebsdfreebsdMatch4.2stable
ORfreebsdfreebsdMatch4.3
ORfreebsdfreebsdMatch4.3release
ORfreebsdfreebsdMatch4.3stable
ORfreebsdfreebsdMatch4.4
ORfreebsdfreebsdMatch4.4stable
ORfreebsdfreebsdMatch4.5
ORfreebsdfreebsdMatch4.5release
ORfreebsdfreebsdMatch4.5stable
ORfreebsdfreebsdMatch4.6
ORfreebsdfreebsdMatch4.6release
ORfreebsdfreebsdMatch4.6.1release_p10
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
19.7%
Related for CVE-2002-0973