Executive Summary

Informations
NameCVE-2008-5736First vendor Publication2008-12-26
VendorCveLast vendor Modification2011-09-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5736

CWE : Common Weakness Enumeration

%idName
100 %CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Os170

Milw0rm Exploits

idDescription
2008-12-28FreeBSD 6x/7 protosw kernel Local Privledge Escalation Exploit

ExploitDB Exploits

idDescription
2011-03-10FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit

Open Source Vulnerability Database (OSVDB)

idDescription
50936FreeBSD netgraph / bluetooth Sockets Function Pointers Arbitrary Local Code E...

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/32976
EXPLOIT-DB http://www.exploit-db.com/exploits/16951
FREEBSD http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc
MILW0RM http://www.milw0rm.com/exploits/7581
OSVDB http://osvdb.org/50936
SECTRACK http://www.securitytracker.com/id?1021491
SREASON http://securityreason.com/securityalert/8124
XF http://xforce.iss.net/xforce/xfdb/47570

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2016-04-26 18:10:39
  • Multiple Updates
2013-05-11 00:33:44
  • Multiple Updates