Lucene search
HistoryApr 27, 2009 - 6:00 p.m.
CVE-2009-1436
freebsd
libc
db interface
vulnerability
cve-2009-1436
nvd
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
5.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
Affected configurations
Node
freebsdfreebsdMatch6.3
ORfreebsdfreebsdMatch6.3release_p10
ORfreebsdfreebsdMatch6.4
ORfreebsdfreebsdMatch6.4release_p4
ORfreebsdfreebsdMatch6.4stable
ORfreebsdfreebsdMatch7.0
ORfreebsdfreebsdMatch7.0release-p12
ORfreebsdfreebsdMatch7.1
ORfreebsdfreebsdMatch7.1release-p5
ORfreebsdfreebsdMatch7.2pre-release
| CPE | Name | Operator | Version |
|---|---|---|---|
| freebsd:freebsd | freebsd | eq | 6.3 |
| freebsd:freebsd | freebsd | eq | 6.4 |
| freebsd:freebsd | freebsd | eq | 7.0 |
| freebsd:freebsd | freebsd | eq | 7.1 |
| freebsd:freebsd | freebsd | eq | 7.2 |
Related
prion
prion
Design/Logic Flaw
2009-04-27 18:00:00
openvas
openvas
Juniper Networks Junos OS libc Vulnerability
2016-07-14 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-09:07.libc.asc)
2009-04-28 00:00:00
nessus
nessus
Juniper Junos FreeBSD libc db Information Disclosure (JSA10756)
2016-07-22 00:00:00
cvelist
cvelist
CVE-2009-1436
2009-04-27 17:43:00
nvd
nvd
CVE-2009-1436
2009-04-27 18:00:00
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
5.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2009-1436