Vulnerability Details : CVE-2005-4351

The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.

Published 2005-12-31 05:00:00

Updated 2017-07-20 01:29:14

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2005-4351

Probability of exploitation activity in the next 30 days: 0.12%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 46 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-4351

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.3	MEDIUM	AV:L/AC:L/Au:S/C:P/I:P/A:P	3.1	6.4	[email protected]
Access Vector: Local Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-4351

http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html

Exploit;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24037
http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt

Exploit;Vendor Advisory

Products affected by CVE-2005-4351

Freebsd » Freebsd » Update Stable
Versions up to, including, (<=) 6.0
cpe:2.3:o:freebsd:freebsd:*:stable:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.0 Update Current
cpe:2.3:o:freebsd:freebsd:7.0:current:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions up to, including, (<=) 2.6.15
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Openbsd » Openbsd
Versions up to, including, (<=) 3.8
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
Matching versions
Dragonfly » Dragonfly
Versions up to, including, (<=) 1.2
cpe:2.3:o:dragonfly:dragonfly:*:*:*:*:*:*:*:*
Matching versions