PT-2001-2066 · Mandrake+1 · Mandrake Linux+1

Published

2001-11-30

Updated

2017-10-10

CVE-2001-0912

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mandrake Linux version 8.1 expect version 8.3.3

Description A packaging error in expect 8.3.3 for Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories. This could allow a local user to gain root privileges.

Recommendations For Mandrake Linux 8.1 with expect 8.3.3, consider reconfiguring the library search path to prevent expect from searching the /home/snailtalk directory first. As a temporary workaround, restrict access to the /home/snailtalk directory to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0912

Affected Products

Mandrake Linux

Expect

PT-2001-2066 · Mandrake+1 · Mandrake Linux+1

CVE-2001-0912

Related Identifiers

Affected Products

References · 3