Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: init script x11-common creates directories in insecure manners
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 28 Feb 2012 17:01:19 -0700

On 02/28/2012 10:55 AM, vladz wrote:
Hi,

I've reported a small vulnerability to Debian.  Due to an insecure file
creation, a local user can gain root privileges right after the 
"x11-common" service is started.

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661627

Could you allocate CVE id for this issue?

Thank you,
vladz.


Please use CVE-2012-1093 for this issue.

P.S. is this Debian specific?

-- 
Kurt Seifried Red Hat Security Response Team (SRT)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]