Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Gentoo: GLSA-200409-18 High: Local Exploit in cdrecord SUID Setting

gentoo
Calendar Grey September 14, 2004
Dist Gentoo Esm H88
Critical security alert for Gentoo cdrtools: potential local root vulnerability in cdrecord due to SUID root permissions.
cdrecord, if manually set SUID root, is vulnerable to a local root exploit allowing users to escalate privileges.

Summary

Gentoo Linux Security Advisory GLSA 200409-18 https://security.gentoo.org/ Severity: High Title: cdrtools: Local root vulnerability in cdrecord if set SUID root Date: September 14, 2004 Bugs: #63187 ID: 200409-18

Synopsis ======= cdrecord, if manually set SUID root, is vulnerable to a local root exploit allowing users to escalate privileges.
Background ========= The cdrtools package is a set of tools for CD recording, including the popular cdrecord command-line utility.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-cdr/cdrtools <= 2.01_alpha37 >= 2.01_alpha37-r1 *>= 2.01_alpha28-r2
========== Max Vozeler discovered that the cdre...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity gentoo local exploit cdrecord

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity gentoo local exploit cdrecord

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here