Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2004-0370 | First vendor Publication | 2004-05-04 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0370 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-04:06.ipv6.asc) File : nvt/freebsdsa_ipv6.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 5985 | FreeBSD KAME Project IPv6 setsockopt() Kernel Memory Disclosure FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is in FreeBSD's implementation of KAME Project IPv6 code beacuse of an input validation flaw in the "setsockopt()" system call when handling certain IPv6 socket options, which will disclose the kernel memory resulting in a loss of confidentiality. No further details are available. |
| 4668 | FreeBSD KAME Project IPv6 setsockopt() DoS FreeBSD contains a flaw due to the manner in which it implements KAME Project IPv6 code that may allow a remote denial of service. The issue is an input validation flaw in the "setsockopt()" system call when handling certain IPv6 socket options, and will result in loss of availability for the platform. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-07-06 | Name : The remote device is missing a vendor-supplied security patch File : freebsd_setsockopt_521_4.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:23:05 |
|
| 2024-11-28 12:06:04 |
|
| 2024-08-02 12:02:46 |
|
| 2024-08-02 01:01:30 |
|
| 2024-02-02 01:02:32 |
|
| 2024-02-01 12:01:31 |
|
| 2023-09-05 12:02:25 |
|
| 2023-09-05 01:01:22 |
|
| 2023-09-02 12:02:26 |
|
| 2023-09-02 01:01:22 |
|
| 2023-08-12 12:02:57 |
|
| 2023-08-12 01:01:23 |
|
| 2023-08-11 12:02:32 |
|
| 2023-08-11 01:01:24 |
|
| 2023-08-06 12:02:20 |
|
| 2023-08-06 01:01:23 |
|
| 2023-08-04 12:02:24 |
|
| 2023-08-04 01:01:24 |
|
| 2023-07-14 12:02:23 |
|
| 2023-07-14 01:01:24 |
|
| 2023-03-29 01:02:24 |
|
| 2023-03-28 12:01:29 |
|
| 2022-10-11 12:02:07 |
|
| 2022-10-11 01:01:16 |
|
| 2021-05-04 12:02:19 |
|
| 2021-04-22 01:02:28 |
|
| 2020-05-23 00:15:46 |
|
| 2019-03-19 12:01:40 |
|
| 2017-07-11 12:01:25 |
|
| 2016-04-26 12:49:20 |
|
| 2014-02-17 10:27:25 |
|
| 2013-05-11 11:41:24 |
|
