From be7d111a48da3433386073d5947a5ab54866c08e Mon Sep 17 00:00:00 2001 From: nectar Date: Mon, 4 Oct 2004 17:09:55 +0000 Subject: Record FreeBSD-SA-04:15.syscons. Approved by: portmgr --- security/vuxml/vuln.xml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b4e437c350e3..aaed28018114 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,44 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> + + + + + FreeBSD + 5.05.2.1_11 + + + + +

The syscons CONS_SCRSHOT ioctl(2) + does insufficient validation of its input arguments. In + particular, negative coordinates or large coordinates may + cause unexpected behavior.

It may be possible to cause the CONS_SCRSHOT ioctl to + return portions of kernel memory. Such memory might + contain sensitive information, such as portions of the + file cache or terminal buffers. This information might be + directly useful, or it might be leveraged to obtain elevated + privileges in some way. For example, a terminal buffer + might include a user-entered password.

This bug may be exploitable by users who have access to the + physical console or can otherwise open a /dev/ttyv* device + node.

+ + + + CAN-2004-0919 + SA-04:15.syscons + http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/syscons/syscons.c#rev1.429 + + + 2004-09-30 + 2004-10-04 + + + racoon -- improper certificate handling -- cgit