Memory Disclosure Vulnerability in iBCS2 System Call Translator for NetBSD and FreeBSD
CVE-2003-1289

Currently unrated

Key Information:

Vendor: NetBSD & FreeBSD
Status: iBCS2 System Call Translator
Vendor: CVE Published:; 31 December 2003

What is CVE-2003-1289?

The iBCS2 system call translator in NetBSD and FreeBSD contains a vulnerability that allows local users to read sensitive portions of kernel memory through an improperly validated length parameter. By exploiting this vulnerability, additional kernel memory can be leaked into userland, potentially exposing confidential information and system internals to authenticated users. This may lead to further attacks or unauthorized access, emphasizing the need for timely updates and patches.

References

http://www.osvdb.org/2406

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/12892

vdb-entryx_refsource_XF

http://secunia.com/advisories/9504

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Dec 17, 2005
Vulnerability published
Dec 31, 2003

NetBSD & FreeBSD

What is CVE-2003-1289?

References

Timeline