{"vuid":"VU#259787","idnumber":"259787","name":"OpenBSD contains buffer overflow in \"select\" call","keywords":["OpenBSD","buffer overflow","select call","signed integer","unsigned integer"],"overview":"A locally exploitable buffer overflow exists in all versions of OpenBSD.","clean_desc":"The buffer overflow exists in the select(2) system call. The overflow occurs if select is supplied with arbitrary negative values.","impact":"Local users can gain system privileges and execute code in the context of the kernel.","resolution":"From the OpenBSD Security Advisory: \"Apply one of the supplied kernel patches or update to 3.0-stable or 3.1-stable from 2002-08-11 17:00 EDT or later.\"","workarounds":"","sysaffected":"","thanks":"Thanks to Niels Provos for reporting this vulnerability.","author":"This document was written by Ian A Finlay.","public":["ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/014_scarg.patch","http://www.securityfocus.com/bid/5442"],"cveids":["CVE-2002-1420"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-08-12T16:37:51Z","publicdate":"2002-08-11T00:00:00Z","datefirstpublished":"2002-08-15T17:07:08Z","dateupdated":"2002-12-13T13:33:53Z","revision":8,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"10","cam_internetinfrastructure":"5","cam_population":"20","cam_impact":"20","cam_easeofexploitation":"8","cam_attackeraccessrequired":"10","cam_scorecurrent":"18","cam_scorecurrentwidelyknown":"21","cam_scorecurrentwidelyknownexploited":"27","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":18.0,"vulnote":null}