Executive Summary

Informations
NameCVE-2008-5736First vendor Publication2008-12-26
VendorCveLast vendor Modification2011-09-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5736

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Os23

Milw0rm Exploits

idDescription
2008-12-28FreeBSD 6x/7 protosw kernel Local Privledge Escalation Exploit

ExploitDB Exploits

idDescription
2011-03-10FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit

Open Source Vulnerability Database (OSVDB)

idDescription
50936FreeBSD netgraph / bluetooth Sockets Function Pointers Arbitrary Local Code E...

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/32976
EXPLOIT-DBhttp://www.exploit-db.com/exploits/16951
FREEBSDhttp://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc
MILW0RMhttp://www.milw0rm.com/exploits/7581
OSVDBhttp://osvdb.org/50936
SECTRACKhttp://www.securitytracker.com/id?1021491
SECUNIAhttp://secunia.com/advisories/33209
SREASONhttp://securityreason.com/securityalert/8124
XFhttp://xforce.iss.net/xforce/xfdb/47570

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-11 00:33:44
  • Multiple Updates