Published: 09/08/1999 Updated: 30/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netbsd netbsd 1.3.3
netbsd netbsd 1.4
openbsd openbsd 2.0
openbsd openbsd 2.1
sun sunos -
sun sunos 5.7
sun solaris 7.0
netbsd netbsd 1.3
netbsd netbsd 1.3.2
openbsd openbsd 2.2
openbsd openbsd 2.4
sun sunos 5.1
sun sunos 5.5
sun solaris 2.5
netbsd netbsd 1.0
netbsd netbsd 1.1
netbsd netbsd 1.2
sun sunos 5.2
sun sunos 5.3
sun sunos 5.4
sun solaris 2.4
netbsd netbsd 1.2.1
netbsd netbsd 1.3.1
openbsd openbsd 2.3
openbsd openbsd 2.5
sun sunos 5.5.1
sun solaris 2.6

/* source: wwwsecurityfocuscom/bid/570/info Some *BSD's use a profil(2) system call that dates back to "version 6" unix This system call arranges for the kernel to sample the PC and increment an element of an array on every profile clock tick The security issue stems from the fact that profiling is not turned off when a process execve( ...

NVD-CWE-Other http://www.securityfocus.com/bid/570 http://www.ciac.org/ciac/bulletins/j-067.shtml https://nvd.nist.gov https://www.exploit-db.com/exploits/19447/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-1999-0674

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect