The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Provos_systrace | Niels | 1.1 (including) | 1.1 (including) |
Provos_systrace | Niels | 1.2 (including) | 1.2 (including) |
Provos_systrace | Niels | 1.3 (including) | 1.3 (including) |
Provos_systrace | Niels | 1.4 (including) | 1.4 (including) |
Provos_systrace | Niels | 1.5 (including) | 1.5 (including) |
Systrace_port_for_freebsd | Vladimir_kotal | 2004-03-09 (including) | 2004-03-09 (including) |
Systrace_port_for_freebsd | Vladimir_kotal | 2004-06-02 (including) | 2004-06-02 (including) |