CVE-2007-4304 - OpenCVE

CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:H/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Freebsd	Freebsd
Cerb	Cerbng

Configuration 1 [-]

AND

cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*

OR	cpe:2.3:a:cerb:cerbng:0.1::freebsd:::::
	cpe:2.3:a:cerb:cerbng:0.2::freebsd:::::
	cpe:2.3:a:cerb:cerbng:0.3::freebsd:::::
	cpe:2.3:a:cerb:cerbng:0.4::freebsd:::::

References

Link	Resource
http://www.watson.org/~robert/2007woot/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:14:36

Updated: 2022-10-03T16:14:36

Reserved: 2022-10-03T00:00:00

Link: CVE-2007-4304

JSON object: View

NVD Information

Status : Analyzed

Published: 2007-08-13T21:17:00.000

Modified: 2008-09-05T21:27:54.427

Link: CVE-2007-4304

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:cerb:cerbng:0.1:*:freebsd:*:*:*:*:*", "matchCriteriaId": "0181B778-3BF9-41A3-BAA0-1D0259E64AE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerb:cerbng:0.2:*:freebsd:*:*:*:*:*", "matchCriteriaId": "F3C8CEE0-3973-4B6A-ABF1-630C56FB41E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerb:cerbng:0.3:*:freebsd:*:*:*:*:*", "matchCriteriaId": "1D418808-847A-42D7-97B8-167790F869FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerb:cerbng:0.4:*:freebsd:*:*:*:*:*", "matchCriteriaId": "54FF562D-154E-4576-BB79-467D97CA842B", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an \"incorrect write protection of pages\"."}, {"lang": "es", "value": "CerbNG para FreeBSD 4.8 no implementa protecci\u00f3n de la memoria virtual (VM) cuando intenta prevenir condiciones de carrera en envoltorios de llamadas al sistema, lo cual permite a usuarios locales tener impacto desconocido relacionado con una \"incorrecta protecci\u00f3n de escritura de p\u00e1ginas\"."}], "evaluatorComment": "More information about this vulnerability can be found at: http://www.securityfocus.com/bid/25259", "id": "CVE-2007-4304", "lastModified": "2008-09-05T21:27:54.427", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-13T21:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://www.watson.org/~robert/2007woot/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}