Full Disclosure mailing list archives
-ADVISORY- ~ [Thu Mar 16 03:09:47 EST 2006] ~ Local Privilege Escalation Vulnerability in ISC DHCP
From: mmaiffret () eeye com
Date: Thu, 16 Mar 2006 08:10:02 +0000 (GMT)
-ADVISORY- ~ [Thu Mar 16 03:09:47 EST 2006] ~ Local Privilege Escalation Vulnerability in ISC DHCP ++++++++++++++++++++++++++++++++++++++ o/ å BACKGROUND ++++++++++++++++++++++++++++++++++++++ There has been no background commentary about this issue in question. ++++++++++++++++++++++++++++++++++++++ å \o DESCRIPTION ++++++++++++++++++++++++++++++++++++++ ISC DHCP incorrectly validates user input, making privilege escalation possible. ++++++++++++++++++++++++++++++++++++++ o/ å CVE INFORMATION ++++++++++++++++++++++++++++++++++++++ The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-437287 to this issue ++++++++++++++++++++++++++++++++++++++ CONTACT ++++++++++++++++++++++++++++++++++++++ Marc Maiffret lolville () spam la 1-888-565-9428 CSFA SSP-MPA GHTQ CAP SSCP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- -ADVISORY- ~ [Thu Mar 16 03:09:47 EST 2006] ~ Local Privilege Escalation Vulnerability in ISC DHCP mmaiffret (Mar 16)
