Published: 15/12/2003 Updated: 18/10/2016

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 470

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openbsd openbsd 3.3
openbsd openbsd 3.4

/** OpenBSD 2x - 33 **/ /** exec_ibcs2_coff_prep_zmagic() kernel stack overflow **/ /** note: ibcs2 binary compatibility with SCO and ISC is enabled **/ /** in the default install **/ /** Copyright Feb ...

// // Patch ftp://ftpopenbsdorg/pub/OpenBSD/patches/34/common/005_execpatch // #include <sys/typesh> #include <sys/stath> #include <fcntlh> #include <stdioh> /* $OpenBSD: ibcs2_exech,v 13 2002/03/14 01:26:50 millert Exp $ */ /* $NetBSD: ibcs2_exech,v 14 1995/03/14 15:12:24 scottb Exp $ */ /* * Copyright (c) 199 ...

NVD-CWE-Other ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch http://www.guninski.com/msuxobsd2.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013315.html http://www.openbsd.org/errata33.html http://www.securityfocus.com/bid/8978 http://marc.info/?l=openbsd-security-announce&m=106808820119679&w=2 http://marc.info/?l=openbsd-security-announce&m=106917441524978&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/125/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0955

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect