Vulnerability Details CVE-2005-4782
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.2%
CVSS Severity
CVSS v2 Score 4.9
References
- http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111&r2=1.112
- http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html
- http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html
- http://www.securityfocus.com/bid/15289
- http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111&r2=1.112
- http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html
- http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html
- http://www.securityfocus.com/bid/15289
Products affected by CVE-2005-4782
-
cpe:2.3:o:netbsd:netbsd:2.0
-
cpe:2.3:o:netbsd:netbsd:2.0.1
-
cpe:2.3:o:netbsd:netbsd:2.0.2
-
cpe:2.3:o:netbsd:netbsd:2.0.3
-
cpe:2.3:o:netbsd:netbsd:2.1