CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.2%
Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
Vendor | Product | Version | CPE |
---|---|---|---|
freebsd | freebsd | 4.8 | cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:* |
cerb | cerbng | 0.1 | cpe:2.3:a:cerb:cerbng:0.1:*:freebsd:*:*:*:*:* |
cerb | cerbng | 0.2 | cpe:2.3:a:cerb:cerbng:0.2:*:freebsd:*:*:*:*:* |
cerb | cerbng | 0.3 | cpe:2.3:a:cerb:cerbng:0.3:*:freebsd:*:*:*:*:* |
cerb | cerbng | 0.4 | cpe:2.3:a:cerb:cerbng:0.4:*:freebsd:*:*:*:*:* |