Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2005-1126 | First vendor Publication | 2005-04-15 |
Vendor | Cve | Last vendor Modification | 2017-07-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1126 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
15514 | FreeBSD ifconf() Function Kernel Memory Disclosure FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a local user generates a list of network interfaces and the "SIOCGICONF" ioctl fails to zero out the buffer, which may cause up to 12 bytes of potentially sensitive information from previously cached kernel memory to be disclosed to the user process, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-11-01 | Name : The remote host is missing a Mac OS X update which fixes security issues. File : macosx_10_4_3.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:03:00 |
|
2024-02-01 12:01:41 |
|
2023-09-05 12:02:50 |
|
2023-09-05 01:01:32 |
|
2023-09-02 12:02:52 |
|
2023-09-02 01:01:32 |
|
2023-08-12 12:03:25 |
|
2023-08-12 01:01:32 |
|
2023-08-11 12:02:58 |
|
2023-08-11 01:01:34 |
|
2023-08-06 12:02:45 |
|
2023-08-06 01:01:33 |
|
2023-08-04 12:02:49 |
|
2023-08-04 01:01:34 |
|
2023-07-14 12:02:48 |
|
2023-07-14 01:01:34 |
|
2023-03-29 01:02:54 |
|
2023-03-28 12:01:39 |
|
2022-10-11 12:02:30 |
|
2022-10-11 01:01:26 |
|
2021-05-04 12:02:53 |
|
2021-04-22 01:03:07 |
|
2020-05-23 00:16:29 |
|
2019-03-19 12:01:49 |
|
2017-07-11 12:01:53 |
|
2016-06-28 15:16:11 |
|
2016-04-26 13:25:26 |
|
2014-02-17 10:30:58 |
|
2013-05-11 11:23:49 |
|