Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD multiple security vulnerabilities
updated since 07.09.2008
Published:03.07.2009
Source:
SecurityVulns ID:9267
Type:remote
Threat Level:
7/10
Description:mount / nmount syscall implementcation buffer overflow. amd64 CPU registers privilege escalation. DoS через ICMPv6.
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 6.3
 FREEBSD : FreeBSD 7.1
 FREEBSD : FreeBSD 6.4
CVE:CVE-2008-3890 (The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call.)
 CVE-2008-3531 (Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions.")
 CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-08:08.nmount (07.09.2008)
Files:Privilege escalation exploit for the FreeBSD-SA-08:08.nmount

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod