Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 vbox3 Privilege State Error Lets Local Users Execute TCL Scripts With Root Privileges
Categorie: Vulnerability
Posted: 2004-01-12 by ReCall
Views: 384
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: A vulnerability was reported in vbox3. A local user can gain root privileges on the target system.

In October 2003, it was reported that 'vboxgetty/voice.c' does not properly drop root privileges before running a user-controlled TCL script. A local user can reportedly execute arbitrary scripts with root privileges to gain root access on the system.

Impact: A local user can execute scripts with root privileges.

Solution: The vendor has released a fixed version, available at:



http://smarden.org/pape/vbox3/install.html

The vendor's notice is available at:

http://listserv.isdn4linux.de/pipermail/isdn4linux/2003-October/000114.html
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=638

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES