Описание
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
Ссылки
- Vendor Advisory
- Patch
- ExploitPatch
- Vendor Advisory
- Patch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
4.9 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
почти 18 лет назад
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
debian
почти 18 лет назад
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the ...
github
больше 3 лет назад
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
EPSS
Процентиль: 21%
0.00068
Низкий
4.9 Medium
CVSS2
Дефекты
CWE-264