4.6

CVE-2005-1406

The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreebsdFreebsd Version4.1
FreebsdFreebsd Version4.2
FreebsdFreebsd Version4.3
FreebsdFreebsd Version4.4
FreebsdFreebsd Version4.5
FreebsdFreebsd Version4.6
FreebsdFreebsd Version4.7
FreebsdFreebsd Version4.8
FreebsdFreebsd Version4.9
FreebsdFreebsd Version4.10
FreebsdFreebsd Version4.11
FreebsdFreebsd Version5.1
FreebsdFreebsd Version5.2
FreebsdFreebsd Version5.3
FreebsdFreebsd Version5.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.296
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html
http://secunia.com/advisories/17368
http://www.securityfocus.com/bid/15252
http://www.vupen.com/english/advisories/2005/2256
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:08.kmem.asc
Patch
Vendor Advisory
http://www.securityfocus.com/bid/13526