Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

ArchLinux: ALSA-202304-23 Critical: Audio Input Vulnerability

gentoo
Calendar Grey January 3, 2006
Dist Gentoo Esm H88
A vulnerability in Gentoo Linux's Pinentry tool could enable privilege escalation. Users must quickly upgrade their software to reduce this risk. Follow this guide for securing your system
pinentry is vulnerable to privilege escalation.

Summary

Gentoo Linux Security Advisory GLSA 200601-01 https://security.gentoo.org/ Severity: Normal Title: pinentry: Local privilege escalation Date: January 03, 2006 Bugs: #116822 ID: 200601-01

Synopsis ======= pinentry is vulnerable to privilege escalation.
Background ========= pinentry is a collection of simple PIN or passphrase entry dialogs which utilize the Assuan protocol.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-crypt/pinentry < 0.7.2-r2 >= 0.7.2-r2
========== Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered that the pinentry ebuild incorrectly sets the permissions of the pinentry binaries upon installation, so that the sgid...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo local escalation normal severity pinentry

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo local escalation normal severity pinentry

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here