Vulnerabilities > CVE-2006-4516 - Local Denial of Service vulnerability in Freebsd 6.0

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
freebsd
exploit available

Summary

Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call.

Vulnerable Configurations

Part Description Count
OS
Freebsd
1

Exploit-Db

descriptionFreeBSD 5.4 / 6.0 (ptrace PT_LWPINFO) Local Denial of Service Exploit. CVE-2006-4516. Dos exploit for bsd platform
idEDB-ID:2524
last seen2016-01-31
modified2006-10-12
published2006-10-12
reporterkokanin
sourcehttps://www.exploit-db.com/download/2524/
titleFreeBSD 5.4 / 6.0 ptrace PT_LWPINFO Local Denial of Service Exploit