Vulnerability Description
Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FreeBSD | FreeBSD | 6.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/50936 (Broken Link)
- http://secunia.com/advisories/33209 (Vendor Advisory)
- http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc (Vendor Advisory)
- http://securityreason.com/securityalert/8124 (Third Party Advisory)
- http://www.exploit-db.com/exploits/16951 (Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/bid/32976 (Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id?1021491 (Third Party Advisory, VDB Entry)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47570 (VDB Entry)
- https://www.exploit-db.com/exploits/7581 (Third Party Advisory, VDB Entry)
FAQ
What is CVE-2008-5736?
CVE-2008-5736 is a vulnerability with a CVSS score of 7.2 (HIGH). Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE al...
How severe is CVE-2008-5736?
CVE-2008-5736 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5736?
Check the references section above for vendor advisories and patch information. Affected products include: FreeBSD FreeBSD.