FreeBSD ifconf function information disclosure

freebsd-ifconf-information-disclosure (20114) The risk level is classified as MediumMedium Risk

Description:

FreeBSD could allow a local attacker to obtain sensitive information caused by a vulnerability in the ifcon() function when generating lists of network interfaces. A local attacker could exploit this vulnerability to obtain various sensitive information from previously cached kernel memory.

Platforms Affected:

  • FreeBSD, FreeBSD 4.0 Alpha
  • FreeBSD, FreeBSD 4.0
  • FreeBSD, FreeBSD 4.1
  • FreeBSD, FreeBSD 4.1.1
  • FreeBSD, FreeBSD 4.10
  • FreeBSD, FreeBSD 4.11
  • FreeBSD, FreeBSD 4.2
  • FreeBSD, FreeBSD 4.3
  • FreeBSD, FreeBSD 4.4
  • FreeBSD, FreeBSD 4.5
  • FreeBSD, FreeBSD 4.6
  • FreeBSD, FreeBSD 4.6.2
  • FreeBSD, FreeBSD 4.7
  • FreeBSD, FreeBSD 4.8
  • FreeBSD, FreeBSD 4.9
  • FreeBSD, FreeBSD 5.0
  • FreeBSD, FreeBSD 5.0 Alpha
  • FreeBSD, FreeBSD 5.1
  • FreeBSD, FreeBSD 5.1 Alpha
  • FreeBSD, FreeBSD 5.2
  • FreeBSD, FreeBSD 5.2.1
  • FreeBSD, FreeBSD 5.3
  • FreeBSD, FreeBSD RELENG_4
  • FreeBSD, FreeBSD RELENG_4_10
  • FreeBSD, FreeBSD RELENG_4_3
  • FreeBSD, FreeBSD RELENG_4_4
  • FreeBSD, FreeBSD RELENG_4_8
  • FreeBSD, FreeBSD RELENG_4_9
  • FreeBSD, FreeBSD RELENG_5_2

Remedy:

Upgrade to the latest version of FreeBSD (RELENG_5, 5.4-STABLE, RELENG_5_4, 5.4-RELEASE-p2, RELENG_5_3, 5.3-RELEASE-p9, RELENG_4, 4.11-STABLE, RELENG_4_11, 4.11-RELEASE-p3, and RELENG_4_10 or 4.10-RELEASE-p8 or later dated after 2005-04-15 security branch), as listed in FreeBSD Security Advisory FreeBSD-SA-05:04.ifconf. See References.

— OR—

Apply the patch for this vulnerability, as listed in FreeBSD Security Advisory FreeBSD-SA-05:04.ifconf. See References.

Consequences:

Obtain Information

References:

  • FreeBSD Security Advisory FreeBSD-SA-05:04.ifconf, Kernel memory disclosure in ifconf() at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:04.ifconf.asc.
  • BID-13191: FreeBSD Kernel SIOCGIFCONF Local Information Disclosure Vulnerability
  • BID-15252: Apple Mac OS X Security Update 2005-10-31 Multiple Local Vulnerabilities
  • CVE-2005-1126: The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory.
  • OSVDB ID: 15514: FreeBSD ifconf() Function Kernel Memory Disclosure
  • SA14959: FreeBSD "ifconf()" Function Kernel Memory Disclosure
  • SA17368: Mac OS X Update Fixes Multiple Vulnerabilities
  • VUPEN/ADV-2005-2256: Apple Security Update Fixes Multiple Mac OS X Vulnerabilities

Reported:

Apr 15, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page