1 results (0.008 seconds)

CVSS: 2.1EPSS: 0%CPEs: 15EXPL: 0

Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. Roaring Penguin pppoe, cuando se ejecuta con setuid root, no libera privilegios adecuadamente, lo que permite a usuarios locales sobreescribir ficheros arbitrarios. • http://marc.info/?l=bugtraq&m=110247119200510&w=2 http://marc.info/?l=bugtraq&m=110253341209450&w=2 http://www.debian.org/security/2004/dsa-557 http://www.fedoralegacy.org/updates/FC1/2005-11-14-FLSA_2005_152794__Updated_rp_pppoe_package_fixes_security_issue.html http://www.securityfocus.com/bid/11315 https://exchange.xforce.ibmcloud.com/vulnerabilities/17576 •