CVE-2007-4303: Race Condition
First published: Mon Aug 13 2007(Updated: )
Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD FreeBSD | =4.8 | |
| Cerb Cerbng | =0.1 | |
| Cerb Cerbng | =0.2 | |
| Cerb Cerbng | =0.3 | |
| Cerb Cerbng | =0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/freebsd
- canonical/freebsd freebsd
- version/freebsd freebsd/4.8
- vendor/cerb
- canonical/cerb cerbng
- version/cerb cerbng/0.1
- version/cerb cerbng/0.2
- version/cerb cerbng/0.3
- version/cerb cerbng/0.4