Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD sendfile() privilege escalation
Published:16.02.2008
Source:
SecurityVulns ID:8691
Type:remote
Threat Level:
5/10
Description:Syscall allows read access to write-only files.
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 6.1
 FREEBSD : FreeBSD 5.5
 FREEBSD : FreeBSD 6.2
 FREEBSD : FreeBSD 6.3
CVE:CVE-2008-0777 (The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.)
Original documentdocumentFREEEBSD, FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile (16.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod