Vulnerability CVE-2005-4351
Published: 2005-12-31   Modified: 2012-02-12

Description:
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.

CVSS2 => (AV:L/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
6.4/10
3.1/10
Exploit range
Attack complexity
Authentication
Local
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Openbsd -> Openbsd 
Linux -> Linux kernel 
Freebsd -> Freebsd 
Dragonfly -> Dragonfly 

 References:
http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html
http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/24037
Copyright 2024, cxsecurity.com

 

Back to Top