Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 7.2
CVE Id: CVE-2009-0343
Last Modified: 19 Mar 2012 12:00:00
Published: 29 Jan 2009 02:30:00
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE

CVE-2009-0343

Summary

Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.

Vulnerable Systems

Application

  • Niels Provos Systrace 1.1

  • Niels Provos Systrace 1.2

  • Niels Provos Systrace 1.3

  • Niels Provos Systrace 1.4

  • Niels Provos Systrace 1.5

  • Niels Provos Systrace 1.6

  • Niels Provos Systrace 1.6a

  • Niels Provos Systrace 1.6b

  • Niels Provos Systrace 1.6c

  • Niels Provos Systrace 1.6d

  • Niels Provos Systrace 1.6e


References

BID - 33417

BUGTRAQ - 20090123 Problems with syscall filtering technologies on Linux

MISC - http://www.citi.umich.edu/u/provos/systrace/

MISC - http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html

MISC - http://scary.beasts.org/security/CESA-2009-001.html


Last Updated: 27 May 2016 10:50:12