Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systrace systrace vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2009-0342
Niels Provos Systrace prior to 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
Provos Systrace 1.5
Provos Systrace 1.6
Provos Systrace 1.3
Provos Systrace 1.4
Provos Systrace 1.1
Provos Systrace 1.2
Provos Systrace 1.6d
Provos Systrace
Provos Systrace 1.6a
Provos Systrace 1.6b
Provos Systrace 1.6c
725
VMScore
CVE-2009-0343
Niels Provos Systrace 1.6f and previous versions on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in...
Niels Provos Systrace 1.6b
Niels Provos Systrace 1.6c
Niels Provos Systrace 1.1
Niels Provos Systrace 1.2
Niels Provos Systrace 1.6d
Niels Provos Systrace
Niels Provos Systrace 1.3
Niels Provos Systrace 1.4
Niels Provos Systrace 1.5
Niels Provos Systrace 1.6
Niels Provos Systrace 1.6a
1 EDB exploit
668
VMScore
CVE-2007-4773
Systrace prior to 1.6.0 has insufficient escape policy enforcement.
Systrace Project Systrace
725
VMScore
CVE-2004-2012
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
Niels Provos Systrace 1.2
Niels Provos Systrace 1.3
Niels Provos Systrace 1.1
Vladimir Kotal Systrace Port For Freebsd 2004-03-09
Vladimir Kotal Systrace Port For Freebsd 2004-06-02
Niels Provos Systrace 1.4
Niels Provos Systrace 1.5
Netbsd Netbsd 2.0
1 EDB exploit
625
VMScore
CVE-2007-4305
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3p5
Todd Miller Sudo 1.6.3p7
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5p1
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P12
Sysjail Sysjail
Systrace Systrace
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.3p2
Todd Miller Sudo 1.6.3p3
Todd Miller Sudo 1.6.5p2
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.7
1 EDB exploit
409
VMScore
CVE-2006-5218
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
Netbsd Netbsd 3.0
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
383
VMScore
CVE-2007-4774
The Linux kernel prior to 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
Linux Linux Kernel
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started