Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.2
CVE Id CVE-2009-0342
Last Modified 19 Mar 2012 12:00:00
Published 29 Jan 2009 02:30:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-0342

Summary

Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.

Vulnerable Systems

Application

  • Provos Systrace 1.1
  • Provos Systrace 1.2
  • Provos Systrace 1.3
  • Provos Systrace 1.4
  • Provos Systrace 1.5
  • Provos Systrace 1.6
  • Provos Systrace 1.6a
  • Provos Systrace 1.6b
  • Provos Systrace 1.6c
  • Provos Systrace 1.6d
  • Provos Systrace 1.6e


References

BID - 33417

BUGTRAQ - 20090123 Problems with syscall filtering technologies on Linux

CONFIRM - http://www.citi.umich.edu/u/provos/systrace/

MISC - http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html

MISC - http://scary.beasts.org/security/CESA-2009-001.html


Last Updated: 27 May 2016 10:50:12