CVE-2005-4351

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-4351
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 3.1 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html Exploit Vendor Advisory
http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt Exploit Vendor Advisory
http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/24037
http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html Exploit Vendor Advisory
http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt Exploit Vendor Advisory
http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/24037
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:dragonfly:dragonfly:*:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.0:current:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:04

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html - () http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html -
References () http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html - Exploit, Vendor Advisory () http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html - Exploit, Vendor Advisory
References () http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt - Exploit, Vendor Advisory () http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt - Exploit, Vendor Advisory
References () http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt - () http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/24037 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/24037 -
Information

Published : 2005-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2005-4351

Mitre link : CVE-2005-4351

CVE.ORG link : CVE-2005-4351

JSON object : View

Products Affected

linux

  • linux_kernel

freebsd

  • freebsd

openbsd

  • openbsd

dragonfly

  • dragonfly
CWE
NVD-CWE-Other