Vulnerabilities > CVE-2007-4304 - Local Security vulnerability in CerbNG

CVSS 6.2 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

high complexity

freebsd

cerb

NVD

Published: 2007-08-13

Updated: 2008-09-05

Summary

CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages". More information about this vulnerability can be found at: http://www.securityfocus.com/bid/25259

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 4.8	1
Application	Cerb Cerb Cerbng 0.1 Cerb Cerbng 0.2 Cerb Cerbng 0.3 Cerb Cerbng 0.4	4

References

http://www.watson.org/~robert/2007woot/