RSS   Vulnerabilities for 'Cerbng'   RSS

2007-08-13
 
CVE-2007-4304

 

 
CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".

 
 
CVE-2007-4303

 

 
Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.

 


Copyright 2024, cxsecurity.com

 

Back to Top