Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2005-1036 | First vendor Publication | 2005-05-02 |
| Vendor | Cve | Last vendor Modification | 2024-02-08 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
|---|---|---|---|
| Overall CVSS Score | 7.8 | ||
| Base Score | 7.8 | Environmental Score | 7.8 |
| impact SubScore | 5.9 | Temporal Score | 7.8 |
| Exploitabality Sub Score | 1.8 | ||
| Attack Vector | Local | Attack Complexity | Low |
| Privileges Required | Low | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | High | Availability Impact | High |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1036 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-172 | Time and State Attacks |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 15288 | FreeBSD amd64 Direct Hardware Access Privilege Escalation FreeBSD amd64 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is caused by an incorrect initialization of bitmap used for determinatig the hardware access of unprivileged processes. This flaw may lead to a loss of confidentitaliy. |
Sources (Detail)
| Source | Url |
|---|---|
| FREEBSD | ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc |
Alert History
| Date | Informations |
|---|---|
| 2024-02-09 05:28:17 |
|
| 2024-02-02 01:03:00 |
|
| 2024-02-01 12:01:40 |
|
| 2023-09-05 12:02:49 |
|
| 2023-09-05 01:01:32 |
|
| 2023-09-02 12:02:51 |
|
| 2023-09-02 01:01:32 |
|
| 2023-08-12 12:03:25 |
|
| 2023-08-12 01:01:32 |
|
| 2023-08-11 12:02:58 |
|
| 2023-08-11 01:01:34 |
|
| 2023-08-06 12:02:45 |
|
| 2023-08-06 01:01:33 |
|
| 2023-08-04 12:02:49 |
|
| 2023-08-04 01:01:34 |
|
| 2023-07-14 12:02:48 |
|
| 2023-07-14 01:01:34 |
|
| 2023-03-29 01:02:53 |
|
| 2023-03-28 12:01:38 |
|
| 2022-10-11 12:02:30 |
|
| 2022-10-11 01:01:25 |
|
| 2021-05-04 12:02:52 |
|
| 2021-04-22 01:03:06 |
|
| 2020-05-23 00:16:28 |
|
| 2019-03-19 12:01:49 |
|
| 2013-05-11 11:23:34 |
|
