| Vulnerability Name: | CVE-2014-8476 (CCN-98490) |
| Assigned: | 2014-11-04 |
| Published: | 2014-11-04 |
| Updated: | 2014-11-14 |
| Summary: | The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a call to getlogin, which returns the entire buffer.
|
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): Low
Integrity (I): None
Availibility (A): None |
|
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None |
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None |
|
| Vulnerability Type: | CWE-200
|
| Vulnerability Consequences: | Obtain Information |
| References: | Source: MITRE
Type: CNA
CVE-2014-8476
Source: SECUNIA
Type: UNKNOWN
61118
Source: SECUNIA
Type: UNKNOWN
62218
Source: DEBIAN
Type: Vendor Advisory
DSA-3070
Source: XF
Type: UNKNOWN
freebsd-cve20148476-info-disc(98490)
Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-14:25
Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin
Kernel stack disclosure in setlogin(2) / getlogin(2)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/o:freebsd:freebsd:8.4:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.0:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.0:beta1:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.0:beta2:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.1:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.2:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.3:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.0:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.1:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.1:rc1:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.1:rc2:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.1:rc3:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.1:rc4:*:*:*:*:*:*
Configuration CCN 1:
cpe:/o:freebsd:freebsd:9.1:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.2:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.0:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:9.3:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:10.1:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| Oval Definitions |
|
| BACK |