Vulnerability Details CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.9%
CVSS Severity
CVSS v2 Score 7.2
References
- http://osvdb.org/50936
- http://secunia.com/advisories/33209
- http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc
- http://securityreason.com/securityalert/8124
- http://www.exploit-db.com/exploits/16951
- http://www.securityfocus.com/bid/32976
- http://www.securitytracker.com/id?1021491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47570
- https://www.exploit-db.com/exploits/7581
- http://osvdb.org/50936
- http://secunia.com/advisories/33209
- http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc
- http://securityreason.com/securityalert/8124
- http://www.exploit-db.com/exploits/16951
- http://www.securityfocus.com/bid/32976
- http://www.securitytracker.com/id?1021491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47570
- https://www.exploit-db.com/exploits/7581
Products affected by CVE-2008-5736
-
cpe:2.3:o:freebsd:freebsd:6.0
-
cpe:2.3:o:freebsd:freebsd:6.3
-
cpe:2.3:o:freebsd:freebsd:6.4
-
cpe:2.3:o:freebsd:freebsd:7.0
-
cpe:2.3:o:freebsd:freebsd:7.1