Computer Security

ScramDisk 4 for Linux privilege escalation
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



ScramDisk 4 for Linux privilege escalation
Published:19.04.2007
Source:CVE
SecurityVulns ID:7607
Type:local
Level:5/10
Description:suid bit is not cleared, it's possible to mount image to system directory.
Affected:SCRAMDISK : ScramDisk 4 1.0
CVE:CVE-2007-2075 (ScramDisk 4 Linux before 1.0-1 does not perform permission checks on mount points, which allows local users to gain privileges by using a system directory as a mount point for a container.)
 CVE-2007-2074 (Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execute with SUID permissions, which allows local users to gain privileges via mounted containers.)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server