Published: 03/06/2005 Updated: 05/09/2008

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

FUSE 2.x prior to 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fuse fuse 2.2
fuse fuse 2.2.1
fuse fuse 2.3_pre
fuse fuse 2.3_rc1

source: wwwsecurityfocuscom/bid/13857/info FUSE is susceptible to a local information disclosure vulnerability This issue is due to a failure of the kernel module to properly clear used memory prior to its reuse This vulnerability allows malicious local users to gain access to potentially sensitive kernel memory, aiding them in further ...

NVD-CWE-Other http://www.sven-tantau.de/public_files/fuse/fuse_20050603.txt http://sourceforge.net/project/shownotes.php?release_id=331884 http://bugs.debian.org/311634 http://www.osvdb.org/17042 http://secunia.com/advisories/15561/http://www.securityfocus.com/bid/13857 http://www.debian.org/security/2005/dsa-744 http://securitytracker.com/id?1014107 http://secunia.com/advisories/16024 https://nvd.nist.gov https://www.exploit-db.com/exploits/25789/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1858

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect