MyServer privilege escalation
Published:		29.03.2007
Source:		CVE
SecurityVulns ID:		7498
Type:		local
Level:		5/10
Description:		suid() is called before sgid() for CGI applications.

Affected:		MYSERVER : MyServer 0.8
CVE:		CVE-2007-1588 (server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges.)

Discuss:

Read or add your comments to this news (0 comments)