CVE Database As of 11-21-2019

CVE-2000-0461

Impact by CVSS Score
  • ID: CVE-2000-0461
Summary:

The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.

Exploitability Analysis: Local

A vulnerability exploitable with only local access requires the attacker to have either physical access to the vulnerable system or a local (shell) account. Examples of locally exploitable vulnerabilities are peripheral attacks such as Firewire/USB DMA attacks, and local privilege escalations (e.g., sudo).

Exploitability Complexity: Low

Specialized access conditions or extenuating circumstances do not exist. The following are examples: The affected product typically requires access to a wide range of systems and users, possibly anonymous an untrusted (e.g., Internet-facing web or mail server). The affected configuration is default or ubiquitous. The attack can be performed manually and requires little skill or additional information gathering. The 'race condition' is a lazy one (i.e., it is technically a race but easily winnable).

Authentication: None

Authentication is not required to access and exploit the vulnerability.

Confidentiality Impact: None

There is no impact to the confidentiality of the system.

Integrity Impact: None

There is no impact to the integrity of the system.

Availability Impact: Partial

There is reduced performance or interruptions in resource availability. An example is a network-based flood attack that permits a limited number of successful connections to an Internet service.

Products Affected

cpe:/o:freebsd:freebsd:1.1.5.1

cpe:/o:freebsd:freebsd:2.0

cpe:/o:freebsd:freebsd:2.0.5

cpe:/o:freebsd:freebsd:2.1.0

cpe:/o:freebsd:freebsd:2.1.5

cpe:/o:freebsd:freebsd:2.1.6

cpe:/o:freebsd:freebsd:2.1.6.1

cpe:/o:freebsd:freebsd:2.1.7.1

cpe:/o:freebsd:freebsd:2.2

cpe:/o:freebsd:freebsd:2.2.2

cpe:/o:freebsd:freebsd:2.2.3

cpe:/o:freebsd:freebsd:2.2.4

cpe:/o:freebsd:freebsd:2.2.5

cpe:/o:freebsd:freebsd:2.2.6

cpe:/o:freebsd:freebsd:2.2.8

cpe:/o:freebsd:freebsd:3.0

cpe:/o:freebsd:freebsd:3.1

cpe:/o:freebsd:freebsd:3.2

cpe:/o:freebsd:freebsd:3.3

cpe:/o:freebsd:freebsd:3.4

cpe:/o:freebsd:freebsd:4.0

cpe:/o:freebsd:freebsd:4.0:alpha

cpe:/o:freebsd:freebsd:5.0

cpe:/o:freebsd:freebsd:5.0:alpha

cpe:/o:netbsd:netbsd:1.4.1::alpha

cpe:/o:netbsd:netbsd:1.4.1::arm32

cpe:/o:netbsd:netbsd:1.4.1::sparc

cpe:/o:netbsd:netbsd:1.4.2::alpha

cpe:/o:netbsd:netbsd:1.4.2::arm32

cpe:/o:netbsd:netbsd:1.4.2::sparc

cpe:/o:netbsd:netbsd:1.4.2::x86


Search
Impact
Low
CVSS Score
2.1
Created
2000-05-29 00:00:00
Modified
2008-09-10 15:04:43

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be