Vulnerabilities > CVE-2002-1125 - Unspecified vulnerability in Freebsd
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 5 |
Exploit-Db
description ASCPU 0.60 Kernel Memory File Descriptor Leakage Vulnerability. CVE-2002-1125. Local exploit for unix platform id EDB-ID:21797 last seen 2016-02-02 modified 2002-09-16 published 2002-09-16 reporter badc0ded source https://www.exploit-db.com/download/21797/ title ASCPU 0.60 Kernel Memory File Descriptor Leakage Vulnerability description BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability. CVE-2002-1125. Local exploit for unix platform id EDB-ID:21796 last seen 2016-02-02 modified 2002-09-16 published 2002-09-16 reporter badc0ded source https://www.exploit-db.com/download/21796/ title BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability description WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability. CVE-2002-1125. Local exploit for freebsd platform id EDB-ID:21798 last seen 2016-02-02 modified 2002-09-16 published 2002-09-16 reporter badc0ded source https://www.exploit-db.com/download/21798/ title WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability description WMNet2 1.0 6 Kernel Memory File Descriptor Leakage Vulnerability. CVE-2002-1125. Local exploit for freebsd platform id EDB-ID:21799 last seen 2016-02-02 modified 2002-09-16 published 2002-09-16 reporter badc0ded source https://www.exploit-db.com/download/21799/ title WMNet2 1.0 6 Kernel Memory File Descriptor Leakage Vulnerability
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0115.html
- http://marc.info/?l=bugtraq&m=103228135413310&w=2
- http://www.iss.net/security_center/static/10109.php
- http://www.securityfocus.com/bid/5714
- http://www.securityfocus.com/bid/5716
- http://www.securityfocus.com/bid/5718
- http://www.securityfocus.com/bid/5719
- http://www.securityfocus.com/bid/5720