Vulnerabilities > CVE-2006-0380 - Local Kernel Memory Disclosure vulnerability in Freebsd 5.4/6.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 16373 CVE(CAN) ID: CVE-2006-0379,CVE-2006-0380 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码的Unix类系统。 FreeBSD的内核实现上存在多个漏洞,可能导致向非授权用户泄露内核内存信息。 一个漏洞是由于内核向用户态缓冲区复制数据时没有正确地清除原有内容,另一个漏洞是由于向用户缓冲区复制了过多的数据。 FreeBSD FreeBSD 6.0-STABLE FreeBSD FreeBSD 6.0-RELEASE FreeBSD FreeBSD 5.4-RELENG FreeBSD FreeBSD 5.4-RELEASE FreeBSD FreeBSD 5.4-PRERELEASE FreeBSD ------- FreeBSD已经为此发布了一个安全公告(FreeBSD-SA-06:06)以及相应补丁: FreeBSD-SA-06:06:Local kernel memory disclosure 链接:<a href=ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc target=_blank>ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc</a> 补丁下载: [FreeBSD 5.4-STABLE and 6.0-STABLE] # fetch <a href=ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem.patch target=_blank>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem.patch</a> # fetch <a href=ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem.patch.asc target=_blank>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem.patch.asc</a> [FreeBSD 6.0-RELEASE] # fetch <a href=ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem60.patch target=_blank>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem60.patch</a> # fetch <a href=ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem60.patch.asc target=_blank>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:06/kmem60.patch.asc</a> |
id | SSV:4229 |
last seen | 2017-11-19 |
modified | 2006-08-17 |
published | 2006-08-17 |
reporter | Root |
title | FreeBSD多个本地内存泄露漏洞 |