What is the severity of CVE-2004-1066?

CVE-2004-1066 is considered a denial of service vulnerability that can also expose kernel memory.

How do I fix CVE-2004-1066?

To mitigate CVE-2004-1066, it is recommended to upgrade to a patched version of FreeBSD that addresses this vulnerability.

Which versions of FreeBSD are affected by CVE-2004-1066?

CVE-2004-1066 affects FreeBSD versions 4.0 to 5.3, including specific releases like 4.1.1, 4.10, and 5.3-release.

Can CVE-2004-1066 be exploited remotely?

CVE-2004-1066 is a local vulnerability, meaning it requires local user access to exploit.

What are the potential impacts of CVE-2004-1066?

The potential impacts of CVE-2004-1066 include denial of service, system crashes, and unauthorized access to sensitive kernel memory.

Vulnerability/
CVE-2004-1066

low

3.6

CWE

NVD-CWE-Other

5/12/2004

8/8/2024

CVE-2004-1066

First published: Sun Dec 05 2004(Updated: )

The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
FreeBSD Kernel	=4.0
FreeBSD Kernel	=4.1
FreeBSD Kernel	=4.1.1
FreeBSD Kernel	=4.2
FreeBSD Kernel	=4.3
FreeBSD Kernel	=4.4
FreeBSD Kernel	=4.5
FreeBSD Kernel	=4.6
FreeBSD Kernel	=4.7
FreeBSD Kernel	=4.8
FreeBSD Kernel	=4.8-releng
FreeBSD Kernel	=4.9
FreeBSD Kernel	=4.10
FreeBSD Kernel	=4.10-release
FreeBSD Kernel	=4.10-releng
FreeBSD Kernel	=5.0
FreeBSD Kernel	=5.1
FreeBSD Kernel	=5.2
FreeBSD Kernel	=5.2.1-release
FreeBSD Kernel	=5.2.1-releng
FreeBSD Kernel	=5.3
FreeBSD Kernel	=5.3-release
FreeBSD Kernel	=5.3-stable

Never miss a vulnerability like this again

Reference Links

https://exchange.xforce.ibmcloud.com/vulnerabilities/18321

Frequently Asked Questions

What is the severity of CVE-2004-1066?
CVE-2004-1066 is considered a denial of service vulnerability that can also expose kernel memory.
How do I fix CVE-2004-1066?
To mitigate CVE-2004-1066, it is recommended to upgrade to a patched version of FreeBSD that addresses this vulnerability.
Which versions of FreeBSD are affected by CVE-2004-1066?
CVE-2004-1066 affects FreeBSD versions 4.0 to 5.3, including specific releases like 4.1.1, 4.10, and 5.3-release.
Can CVE-2004-1066 be exploited remotely?
CVE-2004-1066 is a local vulnerability, meaning it requires local user access to exploit.
What are the potential impacts of CVE-2004-1066?
The potential impacts of CVE-2004-1066 include denial of service, system crashes, and unauthorized access to sensitive kernel memory.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/author
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/freebsd
canonical/freebsd kernel
version/freebsd kernel/4.0
version/freebsd kernel/4.1
version/freebsd kernel/4.1.1
version/freebsd kernel/4.2
version/freebsd kernel/4.3
version/freebsd kernel/4.4
version/freebsd kernel/4.5
version/freebsd kernel/4.6
version/freebsd kernel/4.7
version/freebsd kernel/4.8
version/freebsd kernel/4.8-releng
version/freebsd kernel/4.9
version/freebsd kernel/4.10
version/freebsd kernel/4.10-release
version/freebsd kernel/4.10-releng
version/freebsd kernel/5.0
version/freebsd kernel/5.1
version/freebsd kernel/5.2
version/freebsd kernel/5.2.1-release
version/freebsd kernel/5.2.1-releng
version/freebsd kernel/5.3
version/freebsd kernel/5.3-release
version/freebsd kernel/5.3-stable