CVE-2007-4305: Race Condition
First published: Mon Aug 13 2007(Updated: )
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetBSD NetBSD | ||
| Openbsd Openbsd | ||
| Sysjail Sysjail | ||
| Systrace Systrace | ||
| Todd Miller Sudo | =1.5.6 | |
| Todd Miller Sudo | =1.5.7 | |
| Todd Miller Sudo | =1.5.8 | |
| Todd Miller Sudo | =1.5.9 | |
| Todd Miller Sudo | =1.6 | |
| Todd Miller Sudo | =1.6.1 | |
| Todd Miller Sudo | =1.6.2 | |
| Todd Miller Sudo | =1.6.3 | |
| Todd Miller Sudo | =1.6.3_p1 | |
| Todd Miller Sudo | =1.6.3_p2 | |
| Todd Miller Sudo | =1.6.3_p3 | |
| Todd Miller Sudo | =1.6.3_p4 | |
| Todd Miller Sudo | =1.6.3_p5 | |
| Todd Miller Sudo | =1.6.3_p6 | |
| Todd Miller Sudo | =1.6.3_p7 | |
| Todd Miller Sudo | =1.6.3p1 | |
| Todd Miller Sudo | =1.6.3p2 | |
| Todd Miller Sudo | =1.6.3p3 | |
| Todd Miller Sudo | =1.6.3p4 | |
| Todd Miller Sudo | =1.6.3p5 | |
| Todd Miller Sudo | =1.6.3p6 | |
| Todd Miller Sudo | =1.6.3p7 | |
| Todd Miller Sudo | =1.6.4 | |
| Todd Miller Sudo | =1.6.4_p1 | |
| Todd Miller Sudo | =1.6.4_p2 | |
| Todd Miller Sudo | =1.6.4p1 | |
| Todd Miller Sudo | =1.6.4p2 | |
| Todd Miller Sudo | =1.6.5 | |
| Todd Miller Sudo | =1.6.5_p1 | |
| Todd Miller Sudo | =1.6.5_p2 | |
| Todd Miller Sudo | =1.6.5p1 | |
| Todd Miller Sudo | =1.6.5p2 | |
| Todd Miller Sudo | =1.6.6 | |
| Todd Miller Sudo | =1.6.7 | |
| Todd Miller Sudo | =1.6.7_p5 | |
| Todd Miller Sudo | =1.6.8 | |
| Todd Miller Sudo | =1.6.8_p1 | |
| Todd Miller Sudo | =1.6.8_p2 | |
| Todd Miller Sudo | =1.6.8_p5 | |
| Todd Miller Sudo | =1.6.8_p7 | |
| Todd Miller Sudo | =1.6.8_p8 | |
| Todd Miller Sudo | =1.6.8_p9 | |
| Todd Miller Sudo | =1.6.8_p12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- agent/source
- vendor/netbsd
- canonical/netbsd netbsd
- vendor/openbsd
- canonical/openbsd openbsd
- vendor/sysjail
- canonical/sysjail sysjail
- vendor/systrace
- canonical/systrace systrace
- vendor/todd miller
- canonical/todd miller sudo
- version/todd miller sudo/1.5.6
- version/todd miller sudo/1.5.7
- version/todd miller sudo/1.5.8
- version/todd miller sudo/1.5.9
- version/todd miller sudo/1.6
- version/todd miller sudo/1.6.1
- version/todd miller sudo/1.6.2
- version/todd miller sudo/1.6.3
- version/todd miller sudo/1.6.3_p1
- version/todd miller sudo/1.6.3_p2
- version/todd miller sudo/1.6.3_p3
- version/todd miller sudo/1.6.3_p4
- version/todd miller sudo/1.6.3_p5
- version/todd miller sudo/1.6.3_p6
- version/todd miller sudo/1.6.3_p7
- version/todd miller sudo/1.6.3p1
- version/todd miller sudo/1.6.3p2
- version/todd miller sudo/1.6.3p3
- version/todd miller sudo/1.6.3p4
- version/todd miller sudo/1.6.3p5
- version/todd miller sudo/1.6.3p6
- version/todd miller sudo/1.6.3p7
- version/todd miller sudo/1.6.4
- version/todd miller sudo/1.6.4_p1
- version/todd miller sudo/1.6.4_p2
- version/todd miller sudo/1.6.4p1
- version/todd miller sudo/1.6.4p2
- version/todd miller sudo/1.6.5
- version/todd miller sudo/1.6.5_p1
- version/todd miller sudo/1.6.5_p2
- version/todd miller sudo/1.6.5p1
- version/todd miller sudo/1.6.5p2
- version/todd miller sudo/1.6.6
- version/todd miller sudo/1.6.7
- version/todd miller sudo/1.6.7_p5
- version/todd miller sudo/1.6.8
- version/todd miller sudo/1.6.8_p1
- version/todd miller sudo/1.6.8_p2
- version/todd miller sudo/1.6.8_p5
- version/todd miller sudo/1.6.8_p7
- version/todd miller sudo/1.6.8_p8
- version/todd miller sudo/1.6.8_p9
- version/todd miller sudo/1.6.8_p12