CVE-2007-4303
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/08/2007
Last modified:
05/09/2008
Description
Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
Impact
Base Score 2.0
6.20
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:* | ||
cpe:2.3:a:cerb:cerbng:0.1:*:freebsd:*:*:*:*:* | ||
cpe:2.3:a:cerb:cerbng:0.2:*:freebsd:*:*:*:*:* | ||
cpe:2.3:a:cerb:cerbng:0.3:*:freebsd:*:*:*:*:* | ||
cpe:2.3:a:cerb:cerbng:0.4:*:freebsd:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page