Lucene search

MitreCVE-2002-2180

HistoryNov 16, 2005 - 9:17 p.m.

CVE-2002-2180

2005-11-1621:17:00

mitre

web.nvd.nist.gov

cve-2002-2180

openbsd

setitimer

system call

integer signedness error

nvd

security vulnerability

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error.

Affected configurations

Nvd

Node

openbsdopenbsdMatch2.0

openbsdopenbsdMatch2.1

openbsdopenbsdMatch2.2

openbsdopenbsdMatch2.3

openbsdopenbsdMatch2.4

openbsdopenbsdMatch2.5

openbsdopenbsdMatch2.6

openbsdopenbsdMatch2.7

openbsdopenbsdMatch2.8

openbsdopenbsdMatch2.9

openbsdopenbsdMatch3.0

openbsdopenbsdMatch3.1

VendorProductVersionCPE
openbsdopenbsd2.0cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*
openbsdopenbsd2.1cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
openbsdopenbsd2.2cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*
openbsdopenbsd2.3cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
openbsdopenbsd2.4cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
openbsdopenbsd2.5cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
openbsdopenbsd2.6cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
openbsdopenbsd2.7cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
openbsdopenbsd2.8cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*
openbsdopenbsd2.9cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openbsd	openbsd	2.0	cpe:2.3:o:openbsd:openbsd:2.0:::::::*
openbsd	openbsd	2.1	cpe:2.3:o:openbsd:openbsd:2.1:::::::*
openbsd	openbsd	2.2	cpe:2.3:o:openbsd:openbsd:2.2:::::::*
openbsd	openbsd	2.3	cpe:2.3:o:openbsd:openbsd:2.3:::::::*
openbsd	openbsd	2.4	cpe:2.3:o:openbsd:openbsd:2.4:::::::*
openbsd	openbsd	2.5	cpe:2.3:o:openbsd:openbsd:2.5:::::::*
openbsd	openbsd	2.6	cpe:2.3:o:openbsd:openbsd:2.6:::::::*
openbsd	openbsd	2.7	cpe:2.3:o:openbsd:openbsd:2.7:::::::*
openbsd	openbsd	2.8	cpe:2.3:o:openbsd:openbsd:2.8:::::::*
openbsd	openbsd	2.9	cpe:2.3:o:openbsd:openbsd:2.9:::::::*

Rows per page:

1-10 of 121

References

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/032_kerntime.patch

www.iss.net/security_center/static/10278.php

www.openbsd.org/plus32.html

www.securityfocus.com/bid/5861

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2002-2180