Computer Security
[EN] securityvulns.ru no-pyccku


MyServer privilege escalation
Published:29.03.2007
Source:
SecurityVulns ID:7498
Type:local
Threat Level:
5/10
Description:suid() is called before sgid() for CGI applications.
Affected:MYSERVER : MyServer 0.8
CVE:CVE-2007-1588 (server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod