Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231052657HistorySep 04, 2008 - 12:00 a.m.
FreeBSD Security Advisory (FreeBSD-SA-04:15.syscons.asc)
2008-09-0400:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
1
7 High
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.4%
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-04:15.syscons.asc
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.52657");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2004-0919");
script_tag(name:"cvss_base", value:"4.6");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_name("FreeBSD Security Advisory (FreeBSD-SA-04:15.syscons.asc)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");
script_tag(name:"insight", value:"syscons(4) is the default console driver for FreeBSD. Using the
physical keyboard and screen, it provides multiple virtual terminals
which appear as if they were separate terminals. One virtual terminal
is considered current and exclusively occupies the screen and the
keyboard. The other virtual terminals are placed in the background.
The syscons CONS_SCRSHOT ioctl(2) does insufficient validation of
its input arguments. In particular, negative coordinates or large
coordinates may cause unexpected behavior.");
script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
or security branch dated after the correction date.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-04:15.syscons.asc");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/11321");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-04:15.syscons.asc");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-bsd.inc");
vuln = FALSE;
if(patchlevelcmp(rel:"5.2.1", patchlevel:"11")<0) {
vuln = TRUE;
}
if(vuln) {
security_message(port:0);
} else if (__pkg_match) {
exit(99);
}Related
freebsd_advisory
freebsd_advisory
FreeBSD-SA-04:15.syscons
2004-10-04 00:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-04:15.syscons.asc)
2008-09-04 00:00:00
nessus
nessus
FreeBSD : SA-04:15.syscons
2004-10-04 00:00:00
cve
cve
CVE-2004-0919
2004-12-31 05:00:00
ubuntucve
ubuntucve
CVE-2004-0919
2004-12-31 00:00:00
freebsd
freebsd
Boundary checking errors in syscons
2004-09-30 00:00:00
cert
cert
FreeBSD syscons fails to properly validate input in "CONS_SCRSHOT" ioctl
2004-10-08 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-04:15.syscons
2004-10-06 00:00:00
7 High
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.4%
Related for OPENVAS:136141256231052657