CVE-2007-4303

Sažetak

Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.

Reference

http://secunia.com/advisories/26474
http://www.securityfocus.com/bid/25259
http://www.watson.org/~robert/2007woot/

CVSS

Base:	6.2
Impact:	10.0
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

05-09-2008 - 21:27

Objavljeno

13-08-2007 - 21:17