Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Gentoo: GLSA-202303-15 Critical: Rsnapshot Local Privilege Escalation

gentoo
Calendar Grey April 13, 2005
Scroller Gentoo
An essential Gentoo notice addressing local privilege escalation vulnerabilities in rsnapshot outlines remediation measures and the associated security ramifications.
rsnapshot allow a local user to take ownership of local files, resulting in privilege escalation.

Summary

Gentoo Linux Security Advisory GLSA 200504-12 https://security.gentoo.org/ Severity: High Title: rsnapshot: Local privilege escalation Date: April 13, 2005 Bugs: #88681 ID: 200504-12

Synopsis ======= rsnapshot allow a local user to take ownership of local files, resulting in privilege escalation.
Background ========= rsnapshot is a filesystem snapshot utility based on rsync, allowing local and remote systems backups.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/rsnapshot < 1.2.1 >= 1.2.1
========== The copy_symlink() subroutine in rsnapshot follows symlinks when changing file ownership, instead of changing the ownership of the symlink it...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
critical
Lowest
Low
Medium
High
Critical

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround