PT-2001-2066 · Mandrake+1 · Mandrake Linux+1

Publicado

2001-11-30

Atualizado

2017-10-10

CVE-2001-0912

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mandrake Linux version 8.1 expect version 8.3.3

Description A packaging error in expect 8.3.3 for Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories. This could allow a local user to gain root privileges.

Recommendations For Mandrake Linux 8.1 with expect 8.3.3, consider reconfiguring the library search path to prevent expect from searching the /home/snailtalk directory first. As a temporary workaround, restrict access to the /home/snailtalk directory to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2001-0912

Produtos afetados

Mandrake Linux

Expect

PT-2001-2066 · Mandrake+1 · Mandrake Linux+1

CVE-2001-0912

Identificadores relacionados

Produtos afetados

Referências · 3