Vulnerabilities > CVE-2001-1166 - Unspecified vulnerability in Freebsd

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

freebsd

NVD

Published: 2001-08-21

Updated: 2008-09-05

Summary

linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 4.0 Freebsd Freebsd 4.1 Freebsd Freebsd 4.2 Freebsd Freebsd 4.3	4

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:55.procfs.asc
http://www.iss.net/security_center/static/7017.php
http://www.osvdb.org/1938
http://www.securityfocus.com/bid/3217