Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2008-0777
cve
2008
0777
freebsd
sendfile
system call
vulnerability
local users
access flags
nvd
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
Affected configurations
Node
freebsdfreebsdMatch5.5
ORfreebsdfreebsdMatch6.2
ORfreebsdfreebsdMatch6.3
ORfreebsdfreebsdMatch7.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| freebsd:freebsd | freebsd | eq | 5.5 |
| freebsd:freebsd | freebsd | eq | 6.2 |
| freebsd:freebsd | freebsd | eq | 6.3 |
| freebsd:freebsd | freebsd | eq | 7.0 |
Related
cvelist
cvelist
CVE-2008-0777
2022-10-03 16:14:07
prion
prion
Code injection
2008-02-15 02:00:00
securityvulns
securityvulns
FreeBSD sendfile() privilege escalation
2008-02-16 00:00:00
FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile
2008-02-16 00:00:00
ubuntucve
ubuntucve
CVE-2008-0777
2008-02-15 00:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-08:03.sendfile.asc)
2008-09-04 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-08:03.sendfile.asc)
2008-09-04 00:00:00
seebug
seebug
FreeBSD sendfile(2)ๅฝๆฐๅชๅๆไปถๆ้็ป่ฟๅฎๅ
จ้ๅถๆผๆด
2008-02-20 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-08:03.sendfile
2008-02-14 00:00:00
nvd
nvd
CVE-2008-0777
2008-02-15 02:00:00
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2008-0777