CVE-2007-4305
NONE EPSS 54.0%
Published Aug 13, 200718y ago · Modified Jun 16, 20262w ago
Published Aug 13, 2007 18y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
Threat Intelligence
EPSS Exploit Probability
54.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Affected Products 47
| Vendor | Product | Version | Range |
|---|---|---|---|
| netbsd | netbsd | * | any |
| openbsd | openbsd | * | any |
| sysjail | sysjail | * | any |
| systrace | systrace | * | any |
| todd_miller | sudo | 1.5.6 | any |
| todd_miller | sudo | 1.5.7 | any |
| todd_miller | sudo | 1.5.8 | any |
| todd_miller | sudo | 1.5.9 | any |
| todd_miller | sudo | 1.6 | any |
| todd_miller | sudo | 1.6.1 | any |
| todd_miller | sudo | 1.6.2 | any |
| todd_miller | sudo | 1.6.3 | any |
| todd_miller | sudo | 1.6.3_p1 | any |
| todd_miller | sudo | 1.6.3_p2 | any |
| todd_miller | sudo | 1.6.3_p3 | any |
| todd_miller | sudo | 1.6.3_p4 | any |
| todd_miller | sudo | 1.6.3_p5 | any |
| todd_miller | sudo | 1.6.3_p6 | any |
| todd_miller | sudo | 1.6.3_p7 | any |
| todd_miller | sudo | 1.6.3p1 | any |
| todd_miller | sudo | 1.6.3p2 | any |
| todd_miller | sudo | 1.6.3p3 | any |
| todd_miller | sudo | 1.6.3p4 | any |
| todd_miller | sudo | 1.6.3p5 | any |
| todd_miller | sudo | 1.6.3p6 | any |
| todd_miller | sudo | 1.6.3p7 | any |
| todd_miller | sudo | 1.6.4 | any |
| todd_miller | sudo | 1.6.4_p1 | any |
| todd_miller | sudo | 1.6.4_p2 | any |
| todd_miller | sudo | 1.6.4p1 | any |
| todd_miller | sudo | 1.6.4p2 | any |
| todd_miller | sudo | 1.6.5 | any |
| todd_miller | sudo | 1.6.5_p1 | any |
| todd_miller | sudo | 1.6.5_p2 | any |
| todd_miller | sudo | 1.6.5p1 | any |
| todd_miller | sudo | 1.6.5p2 | any |
| todd_miller | sudo | 1.6.6 | any |
| todd_miller | sudo | 1.6.7 | any |
| todd_miller | sudo | 1.6.7_p5 | any |
| todd_miller | sudo | 1.6.8 | any |
| todd_miller | sudo | 1.6.8_p1 | any |
| todd_miller | sudo | 1.6.8_p2 | any |
| todd_miller | sudo | 1.6.8_p5 | any |
| todd_miller | sudo | 1.6.8_p7 | any |
| todd_miller | sudo | 1.6.8_p8 | any |
| todd_miller | sudo | 1.6.8_p9 | any |
| todd_miller | sudo | 1.6.8_p12 | any |
References 3
- secunia.com http://secunia.com/advisories/26479
- securityfocus.com http://www.securityfocus.com/bid/25258
- watson.org http://www.watson.org/~robert/2007woot/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.