Home page logo

oss-sec logo oss-sec mailing list archives

CVE Request: SLiM insecure PATH assignment
From: Niels Heinen <niels () FreeBSD org>
Date: Thu, 19 Aug 2010 22:34:22 +0200

Hi all,

SLiM versions prior to 1.3.1 assigned logged on users a predefined PATH
which included './'. This allowed unintentional code execution (e.g.
planted binary) and has been fixed by the developers in version 1.3.2.

Can you allocate a CVE number for this one?


Niels Heinen
FreeBSD committer | www.freebsd.org
PGP: 0x5FE39B80

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]