Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systrace systrace vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2007-4773
Systrace prior to 1.6.0 has insufficient escape policy enforcement.
Systrace Project Systrace
5.9
CVSSv3
CVE-2007-4774
The Linux kernel prior to 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
Linux Linux Kernel
NA
CVE-2009-0342
Niels Provos Systrace prior to 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
Provos Systrace 1.5
Provos Systrace 1.6
Provos Systrace 1.3
Provos Systrace 1.4
Provos Systrace 1.1
Provos Systrace 1.2
Provos Systrace 1.6d
Provos Systrace
Provos Systrace 1.6a
Provos Systrace 1.6b
Provos Systrace 1.6c
NA
CVE-2009-0343
Niels Provos Systrace 1.6f and previous versions on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in...
Niels Provos Systrace 1.6b
Niels Provos Systrace 1.6c
Niels Provos Systrace 1.1
Niels Provos Systrace 1.2
Niels Provos Systrace 1.6d
Niels Provos Systrace
Niels Provos Systrace 1.3
Niels Provos Systrace 1.4
Niels Provos Systrace 1.5
Niels Provos Systrace 1.6
Niels Provos Systrace 1.6a
1 EDB exploit
NA
CVE-2007-4305
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3p5
Todd Miller Sudo 1.6.3p7
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5p1
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P12
Sysjail Sysjail
Systrace Systrace
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.3p2
Todd Miller Sudo 1.6.3p3
Todd Miller Sudo 1.6.5p2
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.7
1 EDB exploit
NA
CVE-2006-5218
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
Netbsd Netbsd 3.0
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
NA
CVE-2004-2012
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
Niels Provos Systrace 1.2
Niels Provos Systrace 1.3
Niels Provos Systrace 1.1
Vladimir Kotal Systrace Port For Freebsd 2004-03-09
Vladimir Kotal Systrace Port For Freebsd 2004-06-02
Niels Provos Systrace 1.4
Niels Provos Systrace 1.5
Netbsd Netbsd 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started