Date: Mon, 14 Dec 2015 16:03:42 +0100 From: Florian Weimer <fweimer@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness On 12/14/2015 12:59 AM, halfdog wrote: > Here they are. I have got feedback, that at least Suse is not affected > by that. As the affected configuration seems to not so common and also > impact is not really high - usually no user-controllable services are > run as user "man" - this should not be a great deal. It is just > something to fix sometime, which should be possible now for more > people as information now publicly available. > >  > http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ > >  > http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ I think systemd-tmpfiles can also have this issue, depending on system configuration. It's been assigned CVE-2013-4392, and has not been fixed anywhere, as far as I know. Florian
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ