[debian-goodies] [CVE-2007-3912] insufficient input sanitising
Bug #210128 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
debian-goodies (Debian) |
Fix Released
|
Unknown
|
|||
debian-goodies (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: debian-goodies
References:
DSA-1527-1 (http://
Quoting:
"Thomas de Grenier de Latour discovered that the checkrestart tool in the
debian-goodies suite of utilities, allowed local users to gain privileges
via shell metacharacters in the name of the executable file for a running
process."
CVE References
Changed in debian-goodies: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
Argh, sorry, missed a cross-check... This has already been fixed in USN-526-1.