BID:13191

FreeBSD Kernel SIOCGIFCONF Local Information Disclosure Vulnerability

Info

FreeBSD Kernel SIOCGIFCONF Local Information Disclosure Vulnerability

Bugtraq ID:	13191
Class:	Access Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 15 2005 12:00AM
Updated:	Apr 15 2005 12:00AM
Credit:	The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue.
Vulnerable:	FreeBSD FreeBSD 5.3 -STABLE FreeBSD FreeBSD 5.3 -RELENG FreeBSD FreeBSD 5.3 -RELEASE FreeBSD FreeBSD 5.3 FreeBSD FreeBSD 5.2.1 -RELEASE FreeBSD FreeBSD 5.2 -RELENG FreeBSD FreeBSD 5.2 -RELEASE FreeBSD FreeBSD 5.2 FreeBSD FreeBSD 5.1 -RELENG FreeBSD FreeBSD 5.1 -RELEASE/Alpha FreeBSD FreeBSD 5.1 -RELEASE-p5 FreeBSD FreeBSD 5.1 -RELEASE FreeBSD FreeBSD 5.1 FreeBSD FreeBSD 5.0 -RELENG FreeBSD FreeBSD 5.0 -RELEASE-p14 FreeBSD FreeBSD 5.0 alpha FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.11 -STABLE FreeBSD FreeBSD 4.10 -RELENG FreeBSD FreeBSD 4.10 -RELEASE FreeBSD FreeBSD 4.10 FreeBSD FreeBSD 4.9 -RELENG FreeBSD FreeBSD 4.9 -PRERELEASE FreeBSD FreeBSD 4.9 FreeBSD FreeBSD 4.8 -RELENG FreeBSD FreeBSD 4.8 -RELEASE-p7 FreeBSD FreeBSD 4.8 -PRERELEASE FreeBSD FreeBSD 4.8 FreeBSD FreeBSD 4.7 -STABLE FreeBSD FreeBSD 4.7 -RELENG FreeBSD FreeBSD 4.7 -RELEASE-p17 FreeBSD FreeBSD 4.7 -RELEASE FreeBSD FreeBSD 4.7 FreeBSD FreeBSD 4.6.2 FreeBSD FreeBSD 4.6 -STABLE FreeBSD FreeBSD 4.6 -RELENG FreeBSD FreeBSD 4.6 -RELEASE-p20 FreeBSD FreeBSD 4.6 -RELEASE FreeBSD FreeBSD 4.6 FreeBSD FreeBSD 4.5 -STABLEpre2002-03-07 FreeBSD FreeBSD 4.5 -STABLE FreeBSD FreeBSD 4.5 -RELENG FreeBSD FreeBSD 4.5 -RELEASE-p32 FreeBSD FreeBSD 4.5 -RELEASE FreeBSD FreeBSD 4.5 FreeBSD FreeBSD 4.4 -STABLE FreeBSD FreeBSD 4.4 -RELENG FreeBSD FreeBSD 4.4 -RELENG FreeBSD FreeBSD 4.4 -RELEASE-p42 FreeBSD FreeBSD 4.4 FreeBSD FreeBSD 4.3 -STABLE FreeBSD FreeBSD 4.3 -RELENG FreeBSD FreeBSD 4.3 -RELEASE-p38 FreeBSD FreeBSD 4.3 -RELEASE FreeBSD FreeBSD 4.3 FreeBSD FreeBSD 4.2 -STABLEpre122300 FreeBSD FreeBSD 4.2 -STABLEpre050201 FreeBSD FreeBSD 4.2 -STABLE FreeBSD FreeBSD 4.2 -RELEASE FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.1.1 -STABLE FreeBSD FreeBSD 4.1.1 -RELEASE FreeBSD FreeBSD 4.1.1 FreeBSD FreeBSD 4.1 FreeBSD FreeBSD 4.0 .x FreeBSD FreeBSD 4.0 -RELENG FreeBSD FreeBSD 4.0 alpha FreeBSD FreeBSD 4.0

Not Vulnerable:	FreeBSD FreeBSD 5.4 -RELEASE

Discussion

FreeBSD Kernel SIOCGIFCONF Local Information Disclosure Vulnerability

A local information disclosure vulnerability affects the FreeBSD kernel. This issue is due to a failure of the affected kernel to securely handle potentially sensitive memory when providing data to user processes.

An attacker can reveal up to twelve bytes of potentially sensitive data by successfully leveraging this issue; this may lead to further attacks against the affected computer.

Exploit / POC

FreeBSD Kernel SIOCGIFCONF Local Information Disclosure Vulnerability

No exploit is required to leverage this issue.

Solution / Fix

FreeBSD Kernel SIOCGIFCONF Local Information Disclosure Vulnerability

Solution:
FreeBSD has released advisory FreeBSD-SA-05:04 along with patches dealing with this issue.

FreeBSD FreeBSD 4.0 -RELENG

FreeBSD ifconf4.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf4.patch

FreeBSD FreeBSD 4.10 -RELENG

FreeBSD ifconf4.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf4.patch

FreeBSD FreeBSD 4.11 -STABLE

FreeBSD ifconf4.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf4.patch

FreeBSD FreeBSD 5.3

FreeBSD ifconf5.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf5.patch

FreeBSD FreeBSD 5.3 -RELEASE

FreeBSD ifconf5.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf5.patch

FreeBSD FreeBSD 5.3 -RELENG

FreeBSD ifconf5.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf5.patch

References

FreeBSD Kernel SIOCGIFCONF Local Information Disclosure Vulnerability

References:

FreeBSD Homepage (FreeBSD)