Showing 1 - 1 of 1

CVE-2004-0395

Status Candidate

Overview

The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.

Related Files

dsa-509.txt: Posted May 30, 2004; Authored by Matt Zimmerman | Site debian.org; Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.; tags | advisory, local, root; systems | linux, debian; advisories | CVE-2004-0395; SHA-256 | 3ce34d6d1e5e9badae4bd01e62d08cce72041031812e1163569eaca982b69ca5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 256 files
Ubuntu 87 files
Gentoo 31 files
Debian 19 files
tmrswrr 8 files
Sina Kheirkhah 7 files
Rodolfo Tavares 4 files
bRpsd 3 files
nu11secur1ty 3 files
h00die-gr3y 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,448)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,344)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,672)
UNIX (9,427)
UnixWare (187)
Windows (6,666)
Other

CVE-2004-0395

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems