2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
CPE | Name | Operator | Version |
---|---|---|---|
freebsd:freebsd | freebsd | eq | 4.2 |
freebsd:freebsd | freebsd | eq | 4.3 |
freebsd:freebsd | freebsd | eq | 4.4 |
freebsd:freebsd | freebsd | eq | 4.5 |
freebsd:freebsd | freebsd | eq | 4.6 |
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc
archives.neohapsis.com/archives/vulnwatch/2002-q3/0115.html
marc.info/?l=bugtraq&m=103228135413310&w=2
www.iss.net/security_center/static/10109.php
www.securityfocus.com/bid/5714
www.securityfocus.com/bid/5716
www.securityfocus.com/bid/5718
www.securityfocus.com/bid/5719
www.securityfocus.com/bid/5720