CVE-2001-1559
5.5
CVSS Score
Medium
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Link copied!
Description
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
CVSS Vector Details
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected Software Configurations
- o openbsd openbsd 2.9 * * * * * * *
- o openbsd openbsd 3.0 * * * * * * *
Weaknesses (CWE)
- CWE-476
References & External Links
- http://archives.neohapsis.com/archives/bugtraq/2001-12/0014.html
- http://monkey.org/openbsd/archive/tech/0112/msg00015.html
- http://www.iss.net/security_center/static/7690.php
- http://archives.neohapsis.com/archives/bugtraq/2001-12/0014.html
- http://monkey.org/openbsd/archive/tech/0112/msg00015.html
- http://www.iss.net/security_center/static/7690.php
External Resources
CVE History Timeline
Sep 29, 2005 21:47
Initial Analysis
Feb 16, 2024 14:16
Reanalysis
May 14, 2024 01:20
CVE Modified
Nov 20, 2024 23:37
CVE Modified