CVE-2005-4779

Published: Apr 13, 2006

Modified: Sep 16, 2024

PUBLISHED

Description

verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988

x_refsource_CONFIRM

[netbsd-announce] 20051031 Announcing update 2.0.3 - source only

mailing-list

x_refsource_MLIST

http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4&r2=1.4.2.1&f=h

x_refsource_CONFIRM

20725

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-4779

Description

Affected Products

References