Computer Security
[EN] securityvulns.ru no-pyccku


arpwatch protection bypass
Published:17.06.2012
Source:
SecurityVulns ID:12432
Type:local
Threat Level:
3/10
Description:Elevated privileges are dropped incorrectly.
Affected:ARPWATCH : arpwatch 2.1
CVE:CVE-2012-2653 (arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2481-1] arpwatch security update (17.06.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod