Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)

Severity

Critical

Family

FreeBSD Local Security Checks

CVSSv2 Base

9.3

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Vendor Patch

Created

12 years ago

Modified

5 years ago

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:05.unix.asc

Insight

UNIX-domain sockets, also known as local sockets, are a mechanism for interprocess communication. They are similar to Internet sockets (and utilize the same system calls) but instead of relying on IP addresses and port numbers, UNIX-domain sockets have addresses in the local file system address space. When a UNIX-domain socket is attached to a location using the bind(2) system call, the length of the provided path is not validated. Later, when this address was returned via other system calls, it is copied into a fixed-length buffer.

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date.

References

https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-1

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Insight

Insight

Solution

Solution

References