Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
systrace systrace vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2009-0342
Niels Provos Systrace prior to 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
Provos Systrace 1.5
Provos Systrace 1.6
Provos Systrace 1.3
Provos Systrace 1.4
Provos Systrace 1.1
Provos Systrace 1.2
Provos Systrace 1.6d
Provos Systrace
Provos Systrace 1.6a
Provos Systrace 1.6b
Provos Systrace 1.6c
725
VMScore
CVE-2009-0343
Niels Provos Systrace 1.6f and previous versions on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in...
Niels Provos Systrace 1.6b
Niels Provos Systrace 1.6c
Niels Provos Systrace 1.1
Niels Provos Systrace 1.2
Niels Provos Systrace 1.6d
Niels Provos Systrace
Niels Provos Systrace 1.3
Niels Provos Systrace 1.4
Niels Provos Systrace 1.5
Niels Provos Systrace 1.6
Niels Provos Systrace 1.6a
1 EDB exploit
668
VMScore
CVE-2007-4773
Systrace prior to 1.6.0 has insufficient escape policy enforcement.
Systrace Project Systrace
725
VMScore
CVE-2004-2012
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
Niels Provos Systrace 1.2
Niels Provos Systrace 1.3
Niels Provos Systrace 1.1
Vladimir Kotal Systrace Port For Freebsd 2004-03-09
Vladimir Kotal Systrace Port For Freebsd 2004-06-02
Niels Provos Systrace 1.4
Niels Provos Systrace 1.5
Netbsd Netbsd 2.0
1 EDB exploit
625
VMScore
CVE-2007-4305
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3p5
Todd Miller Sudo 1.6.3p7
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5p1
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P12
Sysjail Sysjail
Systrace Systrace
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.3p2
Todd Miller Sudo 1.6.3p3
Todd Miller Sudo 1.6.5p2
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.7
1 EDB exploit
409
VMScore
CVE-2006-5218
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
Netbsd Netbsd 3.0
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
383
VMScore
CVE-2007-4774
The Linux kernel prior to 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
Linux Linux Kernel
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started