CVE-2008-5736
FreeBSD 6.4 - Netgraph Privilege Escalation
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.
Múltiples vulnerabilidades sin especificar en FreeBSD 6 antes de 6.4-STABLE, 6.3 antes de 6.3-RELEASE-p7, 6.4 antes de 6.4-RELEASE-p1, 7.0 antes de 7.0-RELEASE-p7, 7.1 antes de 7.1-RC2 y 7 antes de 7.1-PRERELEASE permite a usuarios locales obtener privilegios mediante vectores de ataque desconocidos relacionados con punteros de funciones que "no están correctamente inicializados" para sockets(1) netgraph y (2) bluetooth.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-12-26 CVE Reserved
- 2008-12-26 CVE Published
- 2011-03-10 First Exploit
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/50936 | Broken Link | |
| http://securityreason.com/securityalert/8124 | Third Party Advisory | |
| http://www.securityfocus.com/bid/32976 | Third Party Advisory | |
| http://www.securitytracker.com/id?1021491 | Third Party Advisory | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47570 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/16951 | 2011-03-10 | |
| http://www.exploit-db.com/exploits/16951 | 2024-08-07 | |
| https://www.exploit-db.com/exploits/7581 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/33209 | 2019-08-02 | |
| http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc | 2019-08-02 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.0 Search vendor "Freebsd" for product "Freebsd" and version "6.0" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | p1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | p2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | p3 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | p4 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | p5 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | p6 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.4 Search vendor "Freebsd" for product "Freebsd" and version "6.4" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.0 Search vendor "Freebsd" for product "Freebsd" and version "7.0" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.0 Search vendor "Freebsd" for product "Freebsd" and version "7.0" | p1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.0 Search vendor "Freebsd" for product "Freebsd" and version "7.0" | p3 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.0 Search vendor "Freebsd" for product "Freebsd" and version "7.0" | p4 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.0 Search vendor "Freebsd" for product "Freebsd" and version "7.0" | p5 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.0 Search vendor "Freebsd" for product "Freebsd" and version "7.0" | p6 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.1 Search vendor "Freebsd" for product "Freebsd" and version "7.1" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.1 Search vendor "Freebsd" for product "Freebsd" and version "7.1" | rc1 |
Affected
| ||||||