PT-2019-6656 · Kt · Ktsuss
Published: 2019-11-19 · Updated: 2019-11-21
CVE-2011-2921
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
ktsuss versions 1.4 and prior
Description
ktsuss sets its uid to root and does not drop privileges before executing user-specified commands, which allows command execution with root privileges.
Recommendations
For versions 1.4 and prior, consider dropping privileges before executing user-specified commands to prevent command execution with root privileges. As a temporary workaround, restrict the use of ktsuss to minimize the risk of exploitation.
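The privilege drop recommended above, sketched in C as an added example (not ktsuss code and not taken from this advisory). It assumes a setuid-root helper that should run the command as the invoking user; the function name drop_privileges and the choice of getuid()/getgid() as the target identity are assumptions for illustration.

```c
#define _DEFAULT_SOURCE            /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently drop to uid/gid.
 * Returns 0 on success, -1 on any failure. Callers must not exec on -1. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1;                 /* "dropping" to root is not a drop */

    /* Order matters: groups and gid first, while we are still allowed to
     * change them. Once the uid is gone, these calls would fail. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)          /* as root: sets real, effective, saved */
        return -1;

    /* Verify the drop is irreversible and complete before trusting it. */
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -1;
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s command [args...]\n", argv[0]);
        return 2;
    }
    /* Assumption: the command runs as the invoking (real) user. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "privilege drop failed, refusing to exec\n");
        return 1;
    }
    execvp(argv[1], &argv[1]);     /* user-specified command, now unprivileged */
    perror("execvp");
    return 127;
}
```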
Affected Products
Ktsuss