Computer Security
[EN] no-pyccku

FreeBSD sendfile() privilege escalation
SecurityVulns ID:8691
Threat Level:
Description:Syscall allows read access to write-only files.
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 6.1
 FREEBSD : FreeBSD 5.5
 FREEBSD : FreeBSD 6.2
 FREEBSD : FreeBSD 6.3
CVE:CVE-2008-0777 (The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.)
Original documentdocumentFREEEBSD, FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile (16.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod