Lucene search

[email protected]CVE-2005-4779

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-4779

2022-10-0316:22:44

[email protected]

web.nvd.nist.gov

netbsd

vulnerability

verifiedexecioctl

verified_exec.c

ndinit

uio_userspace

uid_sysspace

local users

trojan horse

nvd

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs.

Affected configurations

NVD

Node

netbsdnetbsdMatch2.0

netbsdnetbsdMatch2.0.1

netbsdnetbsdMatch2.0.2

CPENameOperatorVersion
netbsd:netbsdnetbsdeq2.0
netbsd:netbsdnetbsdeq2.0.1
netbsd:netbsdnetbsdeq2.0.2

CPE	Name	Operator	Version
netbsd:netbsd	netbsd	eq	2.0
netbsd:netbsd	netbsd	eq	2.0.1
netbsd:netbsd	netbsd	eq	2.0.2

References

cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4&r2=1.4.2.1&f=h

mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html

releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988

www.osvdb.org/20725

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-4779

cvelist1 nvd1