CVE-2005-0637 (GCVE-0-2005-0637)

Vulnerability from cvelistv5 – Published: 2005-03-04 05:00 – Updated: 2024-08-07 21:21
VLAI?
Summary
The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.openbsd.org/errata.html#copy vendor-advisoryx_refsource_OPENBSD
http://securitytracker.com/id?1013333 vdb-entryx_refsource_SECTRACK
http://www.openbsd.org/errata.html#copy vendor-advisoryx_refsource_OPENBSD
http://www.openbsd.org/errata35.html#locore vendor-advisoryx_refsource_OPENBSD
http://www.securityfocus.com/bid/12825 vdb-entryx_refsource_BID
http://secunia.com/advisories/14432 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:21:06.543Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20050228 011: SECURITY FIX: February 28, 2005   i386 only",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata.html#copy"
          },
          {
            "name": "1013333",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013333"
          },
          {
            "name": "20050316 012: SECURITY FIX: March 16, 2005   amd64 only",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata.html#copy"
          },
          {
            "name": "20050228 028: SECURITY FIX: February 28, 2005",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata35.html#locore"
          },
          {
            "name": "12825",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12825"
          },
          {
            "name": "14432",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14432"
          },
          {
            "name": "openbsd-copy-functions(19531)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19531"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20050228 011: SECURITY FIX: February 28, 2005   i386 only",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata.html#copy"
        },
        {
          "name": "1013333",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013333"
        },
        {
          "name": "20050316 012: SECURITY FIX: March 16, 2005   amd64 only",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata.html#copy"
        },
        {
          "name": "20050228 028: SECURITY FIX: February 28, 2005",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata35.html#locore"
        },
        {
          "name": "12825",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12825"
        },
        {
          "name": "14432",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14432"
        },
        {
          "name": "openbsd-copy-functions(19531)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19531"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0637",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050228 011: SECURITY FIX: February 28, 2005   i386 only",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata.html#copy"
            },
            {
              "name": "1013333",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1013333"
            },
            {
              "name": "20050316 012: SECURITY FIX: March 16, 2005   amd64 only",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata.html#copy"
            },
            {
              "name": "20050228 028: SECURITY FIX: February 28, 2005",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata35.html#locore"
            },
            {
              "name": "12825",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12825"
            },
            {
              "name": "14432",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14432"
            },
            {
              "name": "openbsd-copy-functions(19531)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19531"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0637",
    "datePublished": "2005-03-04T05:00:00",
    "dateReserved": "2005-03-04T00:00:00",
    "dateUpdated": "2024-08-07T21:21:06.543Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDA160D4-5CAB-44E7-880A-59DD98FEAD62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4D84D7A-EB7C-4196-B8B6-7B703C8055C2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory.\"}]",
      "id": "CVE-2005-0637",
      "lastModified": "2024-11-20T23:55:34.990",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-05-02T04:00:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/14432\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1013333\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.openbsd.org/errata.html#copy\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openbsd.org/errata.html#copy\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openbsd.org/errata35.html#locore\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/12825\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/19531\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/14432\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1013333\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.openbsd.org/errata.html#copy\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openbsd.org/errata.html#copy\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openbsd.org/errata35.html#locore\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/12825\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/19531\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-0637\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-05-02T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDA160D4-5CAB-44E7-880A-59DD98FEAD62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4D84D7A-EB7C-4196-B8B6-7B703C8055C2\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/14432\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1013333\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.openbsd.org/errata.html#copy\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openbsd.org/errata.html#copy\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openbsd.org/errata35.html#locore\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/12825\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19531\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/14432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1013333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.openbsd.org/errata.html#copy\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openbsd.org/errata.html#copy\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openbsd.org/errata35.html#locore\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/12825\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19531\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.