CVE-2009-1436

Name of the Vulnerable Software and Affected Versions FreeBSD versions 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE

Description The issue is related to the db interface in libc, which does not properly initialize memory for Berkeley DB 1.85 database structures. This allows local users to obtain sensitive information by reading a database file.

Recommendations For FreeBSD versions 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE, consider updating to a newer version that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.