Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 443
Alerts This Week
Warning Icon 1 443

Gentoo Linux: GLSA-200704-03 High: OpenAFS Privilege Escalation Risk

gentoo
Calendar Grey April 4, 2007
Dist Gentoo Esm H88
OpenAFS contains an essential vulnerability on Gentoo Linux that compromises client access rights. Timely installation of updates is advised.
OpenAFS is subject to a design flaw that could allow privilege escalation on the client.

Summary

Gentoo Linux Security Advisory GLSA 200704-03 https://security.gentoo.org/ Severity: High Title: OpenAFS: Privilege escalation Date: April 03, 2007 Bugs: #171662 ID: 200704-03

Synopsis ======= OpenAFS is subject to a design flaw that could allow privilege escalation on the client.
Background ========= OpenAFS is a distributed network filesystem.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-fs/openafs < 1.4.4 >= 1.4.4
========== Benjamin Bennett discovered that the OpenAFS client contains a design flaw where cache managers do not use authenticated server connections when performing actions not requested by a user.
Impact ===== If setuid is enabl...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround