Vulnerability Description
The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 4.7 |
References
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:07.ldt.ascPatchVendor Advisory
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:07.ldt.ascPatchVendor Advisory
FAQ
What is CVE-2005-1400?
CVE-2005-1400 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values.
How severe is CVE-2005-1400?
CVE-2005-1400 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1400?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd.