2.1 CVE-2003-1289

Patch
 

The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.
https://nvd.nist.gov/vuln/detail/CVE-2003-1289

Categories

CWE-NVD-Other

References

FREEBSD

OSVDB Patch

2406
Patch

SECTRACK Patch

1007460
Patch Vendor Advisory

SECUNIA Patch

9504
Patch Vendor Advisory

XF


 

CPE

cpe start end
Configuration 1
cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:release_p2:*:*:*:*:*:* <= 4.8
cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:release_p1:*:*:*:*:*:* <= 5.1
cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*


REMEDIATION


Patch

Url
2406
1007460
9504


EXPLOITS


Exploit-db.com

id description date
No known exploits

Other (github, ...)

Url
No known exploits


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
No entry


MITRE