| Vulnerability Name: | CVE-2005-1036 (CCN-19984) | ||||||||
| Assigned: | 2005-04-06 | ||||||||
| Published: | 2005-04-06 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-05:03.amd64 unprivileged hardware access on amd64 Source: FREEBSD Type: UNKNOWN FreeBSD-SA-05:03 Source: MITRE Type: CNA CVE-2005-1036 Source: CCN Type: The FreeBSD Project FreeBSD- the Power to Serve Source: CCN Type: OSVDB ID: 15288 FreeBSD amd64 Direct Hardware Access Privilege Escalation Source: CCN Type: BID-13021 FreeBSD Kernel AMD64 Unprivileged Hardware Access Vulnerability Source: XF Type: UNKNOWN freebsd-amd64-gain-privilege(19984) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||