Vulnerability CVE-2007-4302


Published: 2007-08-13   Modified: 2012-02-12

Description:
Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing.

CVSS2 => (AV:L/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.2/10
10/10
1.9/10
Exploit range
Attack complexity
Authentication
Local
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Freshmeat -> Generic software wrappers toolkit 

 References:
http://www.watson.org/~robert/2007woot/
http://www.securityfocus.com/bid/25251
http://secunia.com/advisories/26469

Copyright 2022, cxsecurity.com

 

Back to Top