CVE-2005-2827
published 2005-12-14CVE-2005-2827: The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps…
PriorityP428high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
2.72%
84.2th percentile
The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_nt | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat2.6LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4xxg-53f5-6j6q: The thread termination routine in the kernel for Windows NT 4
ghsa_unreviewed·2022-05-01
CVE-2005-2827 [HIGH] GHSA-4xxg-53f5-6j6q: The thread termination routine in the kernel for Windows NT 4
The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."
Red Hat
perl: File:: Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
vendor_redhat·2008-11-19·CVSS 2.6
CVE-2008-5302 [LOW] perl: File:: Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
perl: File:: Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Red Hat
perl: File:: Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
vendor_redhat·2008-11-19·CVSS 2.6
CVE-2008-5303 [LOW] perl: File:: Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
perl: File:: Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Red Hat
perl: insecure use of chmod in rmtree
vendor_redhat·2008-06-20·CVSS 2.6
CVE-2008-2827 [LOW] perl: insecure use of chmod in rmtree
perl: insecure use of chmod in rmtree
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Statement: Not vulnerable. This issue did not affect the versions of perl as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, Red Hat Application Stack 1, or Solaris versions of Red Hat Directory Server 7.1 and 8, Certificate System 7.x.
No detection rules found.
http://secunia.com/advisories/15821http://secunia.com/advisories/18064http://secunia.com/advisories/18311http://securityreason.com/securityalert/252http://securitytracker.com/id?1015347http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdfhttp://www.eeye.com/html/research/advisories/AD20051213.htmlhttp://www.osvdb.org/18823http://www.securityfocus.com/archive/1/419377/100/0/threadedhttp://www.securityfocus.com/bid/15826http://www.vupen.com/english/advisories/2005/2868http://www.vupen.com/english/advisories/2005/2909http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-055https://exchange.xforce.ibmcloud.com/vulnerabilities/23447https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1583http://secunia.com/advisories/15821http://secunia.com/advisories/18064http://secunia.com/advisories/18311http://securityreason.com/securityalert/252http://securitytracker.com/id?1015347http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdfhttp://www.eeye.com/html/research/advisories/AD20051213.htmlhttp://www.osvdb.org/18823http://www.securityfocus.com/archive/1/419377/100/0/threadedhttp://www.securityfocus.com/bid/15826http://www.vupen.com/english/advisories/2005/2868http://www.vupen.com/english/advisories/2005/2909http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-055https://exchange.xforce.ibmcloud.com/vulnerabilities/23447https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1583
2005-12-14
Published