FreeBSD 4.2/4.3/4.4/4.5/4.6 File Descriptors wmnet2 Memory information disclosure
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
3.7 | $0-$5k | 0.00 |
A vulnerability classified as problematic was found in FreeBSD 4.2/4.3/4.4/4.5/4.6 (Operating System). This vulnerability affects an unknown function of the file asmon/ascpu/bubblemon/wmmon/wmnet2 of the component File Descriptors. The manipulation with an unknown input leads to a information disclosure vulnerability (Memory). The CWE definition for the vulnerability is CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. As an impact it is known to affect confidentiality. CVE summarizes:
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
The bug was discovered 09/16/2002. The weakness was disclosed 09/24/2002 (Website). The advisory is available at ftp.freebsd.org. This vulnerability was named CVE-2002-1125. The exploitation appears to be easy. Local access is required to approach this attack. No form of authentication is required for a successful exploitation. Technical details and also a public exploit are known. This vulnerability is assigned to T1592 by the MITRE ATT&CK project.
It is possible to download the exploit at exploit-db.com. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 8 days. During that time the estimated underground price was around $5k-$25k.
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
The vulnerability is also documented in the databases at X-Force (10109), Exploit-DB (21798), SecurityFocus (BID 5720†), OSVDB (6097†) and Vulnerability Center (SBV-22693†).
Product
Type
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 4.0VulDB Meta Temp Score: 3.8
VulDB Base Score: 4.0
VulDB Temp Score: 3.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Name: MemoryClass: Information disclosure / Memory
CWE: CWE-200 / CWE-284 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Local: Yes
Remote: No
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Timeline
09/16/2002 🔍09/16/2002 🔍
09/16/2002 🔍
09/24/2002 🔍
09/24/2002 🔍
06/25/2009 🔍
07/23/2014 🔍
08/31/2024 🔍
Sources
Product: freebsd.orgAdvisory: ftp.freebsd.org
Status: Not defined
CVE: CVE-2002-1125 (🔍)
X-Force: 10109
SecurityFocus: 5720 - ASMon Kernel Memory File Descriptor Leakage Vulnerability
OSVDB: 6097 - FreeBSD libkvm could leak sensitive file descriptors and disclose kernel memory
Vulnerability Center: 22693 - FreeBSD <= 4.6.2-RELEASE Port Programs Local Kernel Memory Disclosure Vulnerability, Low
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 07/23/2014 11:22 AMUpdated: 08/31/2024 11:25 PM
Changes: 07/23/2014 11:22 AM (59), 09/06/2019 05:35 PM (3), 08/31/2024 11:25 PM (25)
Complete: 🔍
Cache ID: 18:F1C:40
No comments yet. Languages: en.
Please log in to comment.