CVE-2005-0666
PaX - Double-Mirrored VMA munmap Privilege Escalation
Severity Score
4.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SEGMEXEC or RANDEXEC and VMA mirroring, allows local users and possibly remote attackers to bypass intended access restrictions and execute arbitrary code.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-03-07 CVE Reserved
- 2005-03-07 CVE Published
- 2005-03-14 First Exploit
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/14489 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/392348 | Mailing List |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/876 | 2005-03-14 | |
| http://www.securityfocus.com/bid/12729 | 2024-09-16 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.2 Search vendor "The Pax Team" for product "Pax Linux" and version "2.2" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.20 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.20" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.21 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.21" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.22 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.22" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.23 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.23" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.24 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.24" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.25 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.25" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.26 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.26" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.27 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.27" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.4.28 Search vendor "The Pax Team" for product "Pax Linux" and version "2.4.28" | - |
Affected
| ||||||
| The Pax Team Search vendor "The Pax Team" | Pax Linux Search vendor "The Pax Team" for product "Pax Linux" | 2.6.5 Search vendor "The Pax Team" for product "Pax Linux" and version "2.6.5" | - |
Affected
| ||||||