Vulnerability Description
Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX socket.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 7.3 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/46202Vendor Advisory
- http://secunia.com/advisories/46564
- http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.ascVendor Advisory
- http://security.freebsd.org/patches/SA-11:05/unix2.patchPatch
- http://www.debian.org/security/2011/dsa-2325
- http://www.exploit-db.com/exploits/17908Exploit
- http://www.osvdb.org/75788
- http://www.securityfocus.com/bid/49862
- http://www.securitytracker.com/id?1026106
- http://secunia.com/advisories/46202Vendor Advisory
- http://secunia.com/advisories/46564
- http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.ascVendor Advisory
- http://security.freebsd.org/patches/SA-11:05/unix2.patchPatch
- http://www.debian.org/security/2011/dsa-2325
- http://www.exploit-db.com/exploits/17908Exploit
FAQ
What is CVE-2011-4062?
CVE-2011-4062 is a vulnerability with a CVSS score of 7.2 (HIGH). Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX ...
How severe is CVE-2011-4062?
CVE-2011-4062 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4062?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd.