mailing list archives
Re: CVE request: init script x11-common creates directories in insecure manners
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 28 Feb 2012 17:01:19 -0700
On 02/28/2012 10:55 AM, vladz wrote:
I've reported a small vulnerability to Debian. Due to an insecure file
creation, a local user can gain root privileges right after the
"x11-common" service is started.
Could you allocate CVE id for this issue?
Please use CVE-2012-1093 for this issue.
P.S. is this Debian specific?
Kurt Seifried Red Hat Security Response Team (SRT)