CVE-2003-1289
Published Dec 31, 2003
Last updated 7 years ago
Overview
- Description
- The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:release_p2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5206BC9B-F7CC-4AF2-866F-46F094616219",
"versionEndIncluding": "4.8"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:release_p1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "79F06925-8A46-4721-B509-53E8145CF2A5",
"versionEndIncluding": "5.1"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418"
}
],
"operator": "OR"
}
]
}
]