CVE-2006-4447

Related Files

Gentoo Linux Security Advisory 200704-22

Posted May 3, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200704-22 - BEAST, which is installed as setuid root, fails to properly check whether it can drop privileges accordingly if seteuid() fails due to a user exceeding assigned resource limits. Versions less than 0.7.1 are affected.

tags | advisory, root

systems | linux, gentoo

advisories | CVE-2006-2916, CVE-2006-4447

SHA-256 | b56ad1169d97afa91c41909932984316ec9f981b85162a450a6f0d132af19acc

Download | Favorite | View

Mandriva Linux Security Advisory 2006.160

Posted Sep 7, 2006

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-160 - X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.

tags | advisory, local

systems | linux, mandriva

advisories | CVE-2006-4447

SHA-256 | de3beccb7fea8f0f8b08112644987888ac712b70536c525e8d8e4ab520f5677a

Download | Favorite | View