cdrtools Lets Local Users Obtain Root Privileges
|
|
SecurityTracker Alert ID: 1011091 |
|
SecurityTracker URL: http://securitytracker.com/id/1011091
|
|
CVE Reference:
CAN-2004-0806
(Links to External Site)
|
Date: Aug 30 2004
|
Impact:
Root access via local system
|
Vendor Confirmed: Yes
|
Version(s): 2.00.3
|
Description:
A vulnerability was reported in cdrecord (cdrtools). A local user may be able to obtain elevated privileges.
A linux distribution vendor reported that a local user can exploit a flaw in cdrecord to obtain root privileges on the target system.
Max Vozeler is credited with discovering this flaw.
|
Impact:
A local user can obtain root privileges.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.fokus.fhg.de/research/cc/glone/employees/joerg.schilling/private/cdrecord.html (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Aug 30, 2004
Subject: cdrecord
|
A vulnerability was reported in cdrecord (cdrtools). A local user may be able to
obtain root privileges on the target system. Max Vozeler is credited with discovering
this flaw.
CVE: CAN-2004-0806
|
|
