Vulnerabilities > CVE-2005-1400 - Unspecified vulnerability in Freebsd

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

freebsd

NVD

Published: 2005-05-06

Updated: 2008-09-05

Summary

The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 4.7 Freebsd Freebsd 4.8 Freebsd Freebsd 4.9 Freebsd Freebsd 4.10 Freebsd Freebsd 4.11 Freebsd Freebsd 5.1 Freebsd Freebsd 5.2 Freebsd Freebsd 5.3 Freebsd Freebsd 5.4	9

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:07.ldt.asc