Описание
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
Ссылки
- Vendor Advisory
- Vendor Advisory
- ExploitPatch
- Vendor Advisory
- Vendor Advisory
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.3:release_p10:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.4:release_p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.4:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.0:release-p12:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.1:release-p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00276
Низкий
4.9 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
debian
почти 17 лет назад
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PREREL ...
github
почти 4 года назад
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
EPSS
Процентиль: 51%
0.00276
Низкий
4.9 Medium
CVSS2
Дефекты
CWE-20