Vulnerability title: FreeBSD UNIX-domain socket processing privilege elevation vulnerability
Hazard level: High risk
Whether or not to publish for the first time
Release date: 1.01.09.29
Cause of vulnerability: Design error
Other threats caused by Vulnerabilities
Affected Products
FreeBSD Project FreeBSD 8.1
FreeBSD Project FreeBSD 7.1
Vulnerability description
FreeBSD is a BSD-based open-source operating system. A boundary error in the "uipc_bind()" function (sys/kern/uipc_usrreq.c) when processing the socket length can trigger a buffer overflow. Successful exploitation of the vulnerability allows arbitrary code execution with "root" privileges.
References
Other: SA46202
Link: http://secunia.com/advisories/46202/
Vulnerability Solution
Users can refer to the following vendor security advisory to obtain patch information: http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc