Vulnerabilities > CVE-2005-4782 - Local Denial of Service vulnerability in NetBSD SO_LINGER DIAGNOSTIC Checking

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

netbsd

NVD

Published: 2005-12-31

Updated: 2008-09-05

Summary

NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.

Vulnerable Configurations

Part	Description	Count
OS	Netbsd Netbsd Netbsd 2.0 Netbsd Netbsd 2.0.1 Netbsd Netbsd 2.0.2 Netbsd Netbsd 2.0.3 Netbsd Netbsd 2.1	5

References

http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111&r2=1.112
http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html
http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html
http://www.securityfocus.com/bid/15289