Secunia
Login
|
|
CVE Reference: CVE-2006-0145 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0145 |
|
|
Description: The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/24035 SREASON http://securityreason.com/securityalert/405 SAID Secunia Advisory: SA18388 Secunia Advisory: SA18712 OSVDB 22293 NETBSD MISC http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/423827/100/0/threaded BID 16173 |
|
| Return to the previous page. |
