Описание
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4:*:alpha:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4:*:arm32:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4:*:sparc:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4:*:x86:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.1:*:sh3:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00145
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
EPSS
Процентиль: 36%
0.00145
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other