lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu Jun 15 20:01:13 2006 From: jmforbes at rpath.com (Justin M. Forbes) Subject: rPSA-2006-0105-1 arts rPath Security Advisory: 2006-0105-1 Published: 2006-06-15 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Local Root Non-deterministic Privilege Escalation Updated Versions: arts=/conary.rpath.com@rpl:devel//1/1.4.2-1.4-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916 http://issues.rpath.com/browse/RPL-426 http://www.kde.org/info/security/advisory-20060615-2.txt Description: In previous versions of arts, the artswrapper program has a vulnerability which enables a local users to escalate to root privileges if the artswrapper program is setuid root. In rPath Linux, artswrapper is not setuid root, but if users or derivative distributions have modified artswrapper to make it setuid root, they may be vulnerable to this attack.
Powered by blists - more mailing lists