Computer Security
[EN] securityvulns.ru no-pyccku


seunshare privileges escalation
Published:15.05.2014
Source:
SecurityVulns ID:13781
Type:local
Threat Level:
5/10
Description:Insufficient privileges drop.
Affected:POLICYCOREUTILS : policycoreutils 2.2
CVE:CVE-2014-3215 (seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.)
Original documentdocumentcve-assign_(at)_mitre.org, [oss-security] Re: local privilege escalation due to capng_lock as used in seunshare (15.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod