CVEブラウザに戻る

CVE-2002-1125

LOW

2.1

CVSS Severity Score

EPSS Score0.0810%

EPSS Percentile9.94th

Published2002年9月24日

Last Modified2026年4月16日

Vulnerability Description

FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.

Affected Platforms (CPE)

💻

Freebsd

Freebsd

= 4.2

💻

Freebsd

Freebsd

= 4.3

💻

Freebsd

Freebsd

= 4.4

💻

Freebsd

Freebsd

= 4.5

💻

Freebsd

Freebsd

= 4.6

References & Advisories

🔗 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc

🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0115.html

🔗 http://marc.info/?l=bugtraq&m=103228135413310&w=2

🔗 http://www.iss.net/security_center/static/10109.php

🔗 http://www.securityfocus.com/bid/5714

🔗 http://www.securityfocus.com/bid/5716

🔗 http://www.securityfocus.com/bid/5718

🔗 http://www.securityfocus.com/bid/5719

関連する脆弱性情報

CVE-1999-079810.0

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVE-2001-096910.0

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw t...

CVE-1999-032310.0

FreeBSD mmap function allows users to modify append-only or immutable files.

CVE-2004-105310.0

Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP he...