Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systrace systrace vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2007-4773
Systrace prior to 1.6.0 has insufficient escape policy enforcement.
Systrace Project Systrace
5.9
CVSSv3
CVE-2007-4774
The Linux kernel prior to 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
Linux Linux Kernel
NA
CVE-2009-0342
Niels Provos Systrace prior to 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
Provos Systrace
Provos Systrace 1.1
Provos Systrace 1.2
Provos Systrace 1.3
Provos Systrace 1.4
Provos Systrace 1.5
Provos Systrace 1.6
Provos Systrace 1.6a
Provos Systrace 1.6b
Provos Systrace 1.6c
Provos Systrace 1.6d
NA
CVE-2009-0343
Niels Provos Systrace 1.6f and previous versions on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in...
Niels Provos Systrace
Niels Provos Systrace 1.1
Niels Provos Systrace 1.2
Niels Provos Systrace 1.3
Niels Provos Systrace 1.4
Niels Provos Systrace 1.5
Niels Provos Systrace 1.6
Niels Provos Systrace 1.6a
Niels Provos Systrace 1.6b
Niels Provos Systrace 1.6c
Niels Provos Systrace 1.6d
1 EDB exploit
NA
CVE-2007-4305
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
Sysjail Sysjail
Systrace Systrace
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.3p2
Todd Miller Sudo 1.6.3p3
Todd Miller Sudo 1.6.3p4
Todd Miller Sudo 1.6.3p5
1 EDB exploit
NA
CVE-2006-5218
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
Netbsd Netbsd 3.0
NA
CVE-2004-2012
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
Niels Provos Systrace 1.3
Vladimir Kotal Systrace Port For Freebsd 2004-06-02
Niels Provos Systrace 1.5
Vladimir Kotal Systrace Port For Freebsd 2004-03-09
Niels Provos Systrace 1.2
Niels Provos Systrace 1.1
Niels Provos Systrace 1.4
Netbsd Netbsd 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started