Vulnerabilities > CVE-2001-1185 - Unspecified vulnerability in Freebsd 4.4

CVSS 6.2 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

high complexity

freebsd

exploit available

NVD

Published: 2001-12-10

Updated: 2008-09-05

Summary

Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 4.4	1

Exploit-Db

description	FreeBSD 4.4 AIO Library Cross Process Memory Write Vulnerability. CVE-2001-1185. Local exploit for freebsd platform
id	EDB-ID:21176
last seen	2016-02-02
modified	2001-12-10
published	2001-12-10
reporter	David Rufino
source	https://www.exploit-db.com/download/21176/
title	FreeBSD 4.4 AIO Library Cross Process Memory Write Vulnerability

References

http://www.iss.net/security_center/static/7693.php
http://www.osvdb.org/2001
http://www.securityfocus.com/archive/1/244583
http://www.securityfocus.com/bid/3661