VYPR

Systrace

by Libevent Project

CVEs (5)

  • CVE-2009-0343Jan 29, 2009
    risk 0.03cvss epss 0.01

    Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in…

  • CVE-2007-4305Aug 13, 2007
    risk 0.03cvss epss 0.01

    Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.

  • CVE-2004-2012Dec 31, 2004
    risk 0.03cvss epss 0.01

    The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.

  • CVE-2007-4773Jan 15, 2020
    risk 0.00cvss epss 0.02

    Systrace before 1.6.0 has insufficient escape policy enforcement.

  • CVE-2009-0342Jan 29, 2009
    risk 0.00cvss epss 0.00

    Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.