Vulnerability Description
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dragonfly | Dragonfly | <= 1.2 |
| Freebsd | Freebsd | <= 6.0 |
| Linux | Linux Kernel | <= 2.6.15 |
| Openbsd | Openbsd | <= 3.8 |
References
- http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.htmlExploitVendor Advisory
- http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txtExploitVendor Advisory
- http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24037
- http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.htmlExploitVendor Advisory
- http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txtExploitVendor Advisory
- http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24037
FAQ
What is CVE-2005-4351?
CVE-2005-4351 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another ...
How severe is CVE-2005-4351?
CVE-2005-4351 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4351?
Check the references section above for vendor advisories and patch information. Affected products include: Dragonfly Dragonfly, Freebsd Freebsd, Linux Linux Kernel, Openbsd Openbsd.