CVE-2005-3257

{"id": "CVE-2005-3257", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-10-18T22:02:00.000", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334113", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17226", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17826", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17995", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18203", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/19185", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/19369", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/19374", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2006/dsa-1017", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2006/dsa-1018", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:220", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:235", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15122", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10615", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/231-1/", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys."}], "lastModified": "2018-10-03T21:31:50.847", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}