Vulnerability Name:

CCN-51865

Published:2009-07-20
Updated:2009-07-20
Summary:FreeBSD is vulnerable to a denial of service, casued by an error when loading PE COFF binaries. If PE COFF support is enabled or the pecoff kernel module is loaded, a local attacker could exploit this vulnerability to cause the kernel to crash.
CVSS v3 Severity:6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.7 Medium (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C)
4.2 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C/E:F/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: SA35889
FreeBSD PE COFF Loading Denial of Service Vulnerability

Source: CCN
Type: FreeBSD Web site
The FreeBSD Project

Source: CCN
Type: OSVDB ID: 56057
FreeBSD PE COFF Unspecified Local DoS

Source: CCN
Type: BID-35739
FreeBSD 'PECOFF_SUPPORT' Local Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
freebsd-pecoff-dos(51865)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/o:freebsd:freebsd:7.1:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.2:rc2:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.2:stable:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    freebsd freebsd 7.1 -
    freebsd freebsd 7.2 pre-release
    freebsd freebsd 7.2 rc2
    freebsd freebsd 7.2 stable