SSHKeychain TunnelRunner Lets Local Users Gain Root Privileges

SecurityTracker Alert ID: 1018630
SecurityTracker URL: http://securitytracker.com/id?1018630
CVE Reference: CVE-2007-4500
Updated: Apr 1 2008
Original Entry Date: Aug 30 2007
Impact: Execution of arbitrary code via local system, Root access via local system
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 0.8.1

Description: A vulnerability was reported in SSHKeychain. A local user can obtain root privileges on the target system.
A local user can execute arbitrary code on the target system with root privileges. The vulnerability resides in 'TunnelRunner.c', which is configured with set user id (setuid) root user privileges.
Eric Warnke reported this vulnerability.

Impact: A local user can obtain root privileges on the target system.

Solution: The vendor has issued a fixed version (0.8.1).
The SSHKeychain advisory is available at:
http://www.sshkeychain.org/changes.php

Vendor URL: sshkeychain.org/
Cause: Access control error
Underlying OS: UNIX (OS X)

Message History:
None.

Source Message Contents

Date: Thu, 30 Aug 2007 12:42:35 -0400
Subject: SSHKeychain
http://www.sshkeychain.org/changes.php
0.8.1 (released on 10.08.2007)
* Fixed a security issue