Computer Security
[EN] securityvulns.ru no-pyccku


ScramDisk 4 for Linux privilege escalation
Published:19.04.2007
Source:
SecurityVulns ID:7607
Type:local
Threat Level:
5/10
Description:suid bit is not cleared, it's possible to mount image to system directory.
Affected:SCRAMDISK : ScramDisk 4 1.0
CVE:CVE-2007-2075 (ScramDisk 4 Linux before 1.0-1 does not perform permission checks on mount points, which allows local users to gain privileges by using a system directory as a mount point for a container.)
 CVE-2007-2074 (Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execute with SUID permissions, which allows local users to gain privileges via mounted containers.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod