Computer Security

opie security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



opie security vulnerabilities
Published:26.07.2011
Source:BUGTRAQ
SecurityVulns ID:11810
Type:library
Level:5/10
Description:Privilege escalation, off-by-one buffer overflow.
Affected:OPIE : opie 2.32
CVE:CVE-2011-2490 (opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.)
 CVE-2011-2489 (Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2281-1] opie security update (26.07.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru