CVE-2004-1066

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-1066
The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.

3.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:P

Exploitability : 3.9 / Impact : 4.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc
https://exchange.xforce.ibmcloud.com/vulnerabilities/18321
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc
https://exchange.xforce.ibmcloud.com/vulnerabilities/18321
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*
History

20 Nov 2024, 23:50

Type Values Removed Values Added
References () ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc - () ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/18321 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/18321 -
Information

Published : 2005-01-10 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2004-1066

Mitre link : CVE-2004-1066

CVE.ORG link : CVE-2004-1066

JSON object : View

Products Affected

freebsd

  • freebsd
CWE
NVD-CWE-Other