Vulnerabilities > CVE-2001-1559 - NULL Pointer Dereference vulnerability in Openbsd 2.9/3.0

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

openbsd

CWE-476

exploit available

NVD

Published: 2001-12-31

Updated: 2024-02-16

Summary

The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd 2.9 Openbsd Openbsd 3.0	2

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Exploit-Db

description	OpenBSD 2.x/3.0 User Mode Return Value Denial Of Service Vulnerability. CVE-2001-1559. Dos exploit for openbsd platform
id	EDB-ID:21167
last seen	2016-02-02
modified	2001-12-03
published	2001-12-03
reporter	Marco Peereboom
source	https://www.exploit-db.com/download/21167/
title	OpenBSD 2.x/3.0 - User Mode Return Value Denial of Service Vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References