Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200704-03
https://security.gentoo.org/
Severity: High
Title: OpenAFS: Privilege escalation
Date: April 03, 2007
Bugs: #171662
ID: 200704-03
Synopsis
=======
OpenAFS is subject to a design flaw that could allow privilege
escalation on the client.
Background
=========
OpenAFS is a distributed network filesystem.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-fs/openafs < 1.4.4 >= 1.4.4
==========
Benjamin Bennett discovered that the OpenAFS client contains a design
flaw where cache managers do not use authenticated server connections
when performing actions not requested by a user.
Impact
=====
If setuid is enabl...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.