CVE-2004-1066

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 4.8 through 5.3

Description: The issue is related to the cmdline pseudofiles in procfs and linprocfs, which do not properly validate a process argument vector. This allows local users to cause a denial of service, resulting in a system panic, or to read portions of kernel memory.

Recommendations: For FreeBSD versions 4.8 through 5.3, consider restricting access to the procfs and linprocfs filesystems to minimize the risk of exploitation. As a temporary workaround, limit the use of the cmdline pseudofiles until a patch is available.