loop-aes-utils / util-linux privilege escalation
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
loop-aes-utils / util-linux privilege escalation
Published:
06.01.2008
Source:
BUGTRAQ
SecurityVulns ID:
8535
Type:
local
Level:
5
/10
Description:
Group privileges are not properly dropped.
Affected:
LOOPEASUTILS
:
loop-aes-utils 2.12
UTILLINUX
:
util-linux 2.12
CVE:
CVE-2007-5191
(mount and umount in util-linux call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.)
Original document
DEBIAN
,
[SECURITY] [DSA 1450-1] New util-linux packages fix programming error
(
06.01.2008
)
DEBIAN
,
[SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error
(
06.01.2008
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
