Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 00:35
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/26479 - | |
References | () http://www.securityfocus.com/bid/25258 - Exploit | |
References | () http://www.watson.org/~robert/2007woot/ - |
Information
Published : 2007-08-13 21:17
Updated : 2024-11-21 00:35
NVD link : CVE-2007-4305
Mitre link : CVE-2007-4305
CVE.ORG link : CVE-2007-4305
JSON object : View
Products Affected
systrace
- systrace
netbsd
- netbsd
todd_miller
- sudo
sysjail
- sysjail
openbsd
- openbsd
CWE