CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1125

LOW
2.1
CVSS Severity Score
EPSS Score0.0810%
EPSS Percentile9.94th
PublishedSep 24, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.

Affected Platforms (CPE)

πŸ’»
Freebsd

Freebsd

= 4.2
πŸ’»
Freebsd

Freebsd

= 4.3
πŸ’»
Freebsd

Freebsd

= 4.4
πŸ’»
Freebsd

Freebsd

= 4.5
πŸ’»
Freebsd

Freebsd

= 4.6

References & Advisories

πŸ”— ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0115.html
πŸ”— http://marc.info/?l=bugtraq&m=103228135413310&w=2
πŸ”— http://www.iss.net/security_center/static/10109.php
πŸ”— http://www.securityfocus.com/bid/5714
πŸ”— http://www.securityfocus.com/bid/5716
πŸ”— http://www.securityfocus.com/bid/5718
πŸ”— http://www.securityfocus.com/bid/5719

Related Vulnerabilities

CVE-1999-079810.0

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVE-2001-096910.0

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw t...

CVE-1999-032310.0

FreeBSD mmap function allows users to modify append-only or immutable files.

CVE-2004-105310.0

Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP he...