Lucene search

[email protected]CVE-2004-2338

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2338

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2338

openbsd

access restriction bypass

sparc64

nvd

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.4%

JSON

OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions.

CPENameOperatorVersion
openbsd:openbsdopenbsdeq3.3
openbsd:openbsdopenbsdeq3.4

CPE	Name	Operator	Version
openbsd:openbsd	openbsd	eq	3.3
openbsd:openbsd	openbsd	eq	3.4

References

www.openbsd.org/errata33.html

www.openbsd.org/errata34.html

www.securityfocus.com/bid/9867

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.4%

JSON