Vulnerabilities > CVE-2006-1588 - Unspecified vulnerability in Netbsd
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 10 |
References
- ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc
- ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc
- http://secunia.com/advisories/19464
- http://secunia.com/advisories/19464
- http://securitytracker.com/id?1015846
- http://securitytracker.com/id?1015846
- http://www.osvdb.org/24262
- http://www.osvdb.org/24262
- http://www.securityfocus.com/bid/17312
- http://www.securityfocus.com/bid/17312
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25582
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25582