Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

systrace systrace vulnerabilities and exploits

(subscribe to this query)
641
VMScore
CVE-2009-0342
Niels Provos Systrace prior to 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
Provos Systrace 1.5Provos Systrace 1.6Provos Systrace 1.3Provos Systrace 1.4Provos Systrace 1.1Provos Systrace 1.2Provos Systrace 1.6dProvos SystraceProvos Systrace 1.6aProvos Systrace 1.6bProvos Systrace 1.6c
725
VMScore
CVE-2009-0343
Niels Provos Systrace 1.6f and previous versions on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in...
Niels Provos Systrace 1.6bNiels Provos Systrace 1.6cNiels Provos Systrace 1.1Niels Provos Systrace 1.2Niels Provos Systrace 1.6dNiels Provos SystraceNiels Provos Systrace 1.3Niels Provos Systrace 1.4Niels Provos Systrace 1.5Niels Provos Systrace 1.6Niels Provos Systrace 1.6a
668
VMScore
CVE-2007-4773
Systrace prior to 1.6.0 has insufficient escape policy enforcement.
Systrace Project Systrace
725
VMScore
CVE-2004-2012
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
Niels Provos Systrace 1.2Niels Provos Systrace 1.3Niels Provos Systrace 1.1Vladimir Kotal Systrace Port For Freebsd 2004-03-09Vladimir Kotal Systrace Port For Freebsd 2004-06-02Niels Provos Systrace 1.4Niels Provos Systrace 1.5Netbsd Netbsd 2.0
625
VMScore
CVE-2007-4305
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
Todd Miller Sudo 1.5.7Todd Miller Sudo 1.5.9Todd Miller Sudo 1.6.1Todd Miller Sudo 1.6.3 P3Todd Miller Sudo 1.6.3 P5Todd Miller Sudo 1.6.3p5Todd Miller Sudo 1.6.3p7Todd Miller Sudo 1.6.4p2Todd Miller Sudo 1.6.5 P1Todd Miller Sudo 1.6.5p1Todd Miller Sudo 1.6.8Todd Miller Sudo 1.6.8 P12Sysjail SysjailSystrace SystraceTodd Miller Sudo 1.5.6Todd Miller Sudo 1.6.3 P7Todd Miller Sudo 1.6.3p1Todd Miller Sudo 1.6.3p2Todd Miller Sudo 1.6.3p3Todd Miller Sudo 1.6.5p2Todd Miller Sudo 1.6.6Todd Miller Sudo 1.6.7
409
VMScore
CVE-2006-5218
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
Netbsd Netbsd 3.0Openbsd Openbsd 3.8Openbsd Openbsd 3.9
383
VMScore
CVE-2007-4774
The Linux kernel prior to 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
Linux Linux Kernel
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook