Vendor: Multiple BSD Distributions
By: SecurityFocus
CVSS: 7.5 HIGH
Memory Corruption
CWE: 125
Product Name: Multiple BSD Distributions
Affected Version From: OpenBSD 4.6
Affected Version To: NetBSD 5.0.1
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Multiple BSD Distributions Memory Corruption Vulnerability
Multiple BSD distributions are prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. An attacker can exploit this issue to cause applications to crash with a segmentation fault, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. The following example is available:
printf %.1100000000f 1.1
Mitigation:
Developers should ensure that data used as an array index is properly bounds-checked.
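The mitigation above, as an added example that is not code from the advisory or from any BSD libc: a constructed model in which a requested precision is turned into a size class that indexes a fixed freelist, with the index validated on both the allocate and release paths. The names freelist, size_class, buf_alloc, buf_free, MAX_CLASS and MAX_SHIFT are hypothetical, and the assumption that precision drives the index is made for illustration only.

```c
#include <stdio.h>
#include <stdlib.h>
/* Constructed model, not BSD libc code: work buffers are cached per size class. */
#define MAX_CLASS 15                      /* assumed: only classes 0..15 are cached */
#define MAX_SHIFT 31                      /* assumed: largest class this model serves */
struct buf { struct buf *next; int k; size_t cap; };
struct buf *freelist[MAX_CLASS + 1];

/* Smallest k with 2^k >= precision; capped so the shift stays defined. */
int size_class(unsigned long precision)
{
    int k = 0;
    while (k < MAX_SHIFT && (1UL << k) < precision)
        k++;
    return k;
}

/* The flawed pattern reads freelist[k] directly. Here k is validated first,
 * and classes beyond the cache bypass the array entirely. */
struct buf *buf_alloc(int k)
{
    struct buf *b;
    if (k < 0 || k > MAX_SHIFT)
        return NULL;                      /* reject instead of indexing */
    if (k <= MAX_CLASS && (b = freelist[k]) != NULL) {
        freelist[k] = b->next;            /* reuse a cached buffer */
        return b;
    }
    b = malloc(sizeof *b + ((size_t)1 << k));
    if (b) { b->next = NULL; b->k = k; b->cap = (size_t)1 << k; }
    return b;
}

void buf_free(struct buf *b)
{
    if (b == NULL) return;
    if (b->k >= 0 && b->k <= MAX_CLASS) { /* same check on the release path */
        b->next = freelist[b->k];
        freelist[b->k] = b;
    } else {
        free(b);                          /* too large to cache */
    }
}

int main(void)
{
    printf("class %d, cache holds 0..%d\n", size_class(1100000000UL), MAX_CLASS);
    return 0;
}
```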