CVE-2001-1559
published 2001-12-31CVE-2001-1559: The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function…
PriorityP410medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EXPLOIT
EPSS
1.48%
70.7th percentile
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openbsd | openbsd | — | — |
| openbsd | openbsd | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
CWE
Incorrect Provision of Specified Functionality
mitre_cwe·CVSS 2.1
[LOW] CWE-684 Incorrect Provision of Specified Functionality
CWE-684: Incorrect Provision of Specified Functionality
The code does not function according to its published specifications, potentially leading to incorrect usage.
When providing functionality to an external party, it is important that the product behaves in accordance with the details specified. When requirements of nuances are not documented, the functionality may produce unintended behaviors for the caller, possibly leading to an exploitable state.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Other. Impact: Quality Degradation.
Potential Mitigations:
[Implementation] Ensure that your code strictly conforms to specifications.
Examples:
In the following snippet from a doPost() servlet method, the server returns "200 OK" (default) even if an error occurs
CWE
Return of Wrong Status Code
mitre_cwe·CVSS 4.6
[MEDIUM] CWE-393 Return of Wrong Status Code
CWE-393: Return of Wrong Status Code
A function or operation returns an incorrect return value or status code that does not indicate the true result of execution, causing the product to modify its behavior based on the incorrect result.
This can lead to unpredictable behavior. If the function is used to make security-critical decisions or provide security-critical information, then the wrong status code can cause the product to assume that an action is safe or correct, even when it is not.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Other. Impact: Unexpected State, Alter Execution Logic. This weakness could place the system in a state that could lead unexpected logic to be executed or other unintended behaviors.
Detection Methods:
Fuzzing: Fuzz
CWE
NULL Pointer Dereference
mitre_cwe
CWE-476 NULL Pointer Dereference
CWE-476: NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Availability. Impact: DoS: Crash, Exit, or Restart. NULL pointer dereferences usually result in the failure of the process unless exception handling (on some platforms) is available and implemented. Even when exception handling is being used, it can still be very difficult to return the software to a safe state of operation.
Scope: Integrity, Confidentiality. Impact: Execute Unauthorized Code or Commands, Read Memory, Modify Memory. In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code ex
http://archives.neohapsis.com/archives/bugtraq/2001-12/0014.htmlhttp://monkey.org/openbsd/archive/tech/0112/msg00015.htmlhttp://www.iss.net/security_center/static/7690.phphttp://archives.neohapsis.com/archives/bugtraq/2001-12/0014.htmlhttp://monkey.org/openbsd/archive/tech/0112/msg00015.htmlhttp://www.iss.net/security_center/static/7690.php
2001-12-31
Published