Description
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
Exploits (4)
exploitdb
WORKING POC
VERIFIED
by badc0ded · textlocalunix
https://www.exploit-db.com/exploits/21796
exploitdb
WORKING POC
VERIFIED
by badc0ded · textlocalunix
https://www.exploit-db.com/exploits/21797
exploitdb
WORKING POC
VERIFIED
by badc0ded · textlocalfreebsd
https://www.exploit-db.com/exploits/21799
References (9)
Core 9
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103228135413310&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5719
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5718
Various Sources vendor-advisory
x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5714
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10109.php
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5720
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0115.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5716
Scores
EPSS
0.0033
EPSS Percentile
55.5%
Details
Status
published
Products (5)
freebsd/freebsd
4.2
freebsd/freebsd
4.3
freebsd/freebsd
4.4
freebsd/freebsd
4.5
freebsd/freebsd
4.6
Published
Sep 24, 2002
Tracked Since
Feb 18, 2026