Lucene search
HistoryApr 03, 2006 - 10:04 a.m.
CVE-2006-1588
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
Affected configurations
Node
netbsdnetbsdMatch1.6
ORnetbsdnetbsdMatch1.6beta
ORnetbsdnetbsdMatch1.6.1
ORnetbsdnetbsdMatch1.6.2
ORnetbsdnetbsdMatch2.0
ORnetbsdnetbsdMatch2.0.1
ORnetbsdnetbsdMatch2.0.2
ORnetbsdnetbsdMatch2.0.3
ORnetbsdnetbsdMatch2.1
ORnetbsdnetbsdMatch3.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| netbsd | netbsd | 1.6 | cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:* |
| netbsd | netbsd | 1.6 | cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:* |
| netbsd | netbsd | 1.6.1 | cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:* |
| netbsd | netbsd | 1.6.2 | cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:* |
| netbsd | netbsd | 2.0 | cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:* |
| netbsd | netbsd | 2.0.1 | cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:* |
| netbsd | netbsd | 2.0.2 | cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:* |
| netbsd | netbsd | 2.0.3 | cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:* |
| netbsd | netbsd | 2.1 | cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:* |
| netbsd | netbsd | 3.0 | cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2006-1588
2006-04-03 10:04:00
prion
prion
Design/Logic Flaw
2006-04-03 10:04:00
cvelist
cvelist
CVE-2006-1588
2006-04-03 10:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2006-1588