Paketname
dump
Datum
2000-11-02
Advisory ID
MDKSA-2000:065
Betroffene Versionen
6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586 , 7.2 i586

Problembeschreibung

In some instances, if dump is suid root, it can be used to gain root access. Two exploits have been published to prove this. Linux-Mandrake ships dump suid root, however both exploits do not work under Linux-Mandrake. The end result is a shell that is suid by the user attempting the exploit, and not suid root which is the intended result.

Aktualisierte Pakete

6.1 i586

 na 6.1/RPMS/na

6.0 i586

 na 6.0/RPMS/na

7.0 i586

 na 7.0/RPMS/na

7.1 i586

 na 7.1/RPMS/na

7.2 i586

 na 7.2/RPMS/na