Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 29 Jan 2017 07:10:29 -0500
From: <cve-assign@...re.org>
To: <jmm@...ian.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>,
	<abe@...ian.org>
Subject: Re: CVE request: GNU screen escalation

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html
> http://savannah.gnu.org/bugs/?50142
> 
> The check opens the logfile with full root privileges.

Use CVE-2017-5618.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYjdleAAoJEHb/MwWLVhi2LOEP/jug+MKiWxPDN/Ywh7YXL6kx
2yQqV3fGscQSXijyhSPiduutau9Moqro5zMLVQCAhptOgO9QAhbNSA8xQbSx5NRE
h0+Zbuj+XG0/D3q3ArkYbbEFhrAcFznCBiTlc8WasGFTlEXPsgEfuwU/Xbe85xUW
JlObPGCDFAAjiPtuHjb2jAf97XnxocpO5h4YGGHN5k0yhC+nNg5wWNRaI0DK/T93
rhxgktycXPa7syzYPtzLkmL6OT665OxLFDpkO+FPPVISe9gVeJc3Ql6xALLGOmSJ
UBa0L1i/cDMl322fFgvnkcTbkzxljSPJK63MnRPZm0ziS1O/2Xj+2lu6BXNtWJZc
wObGXGS3Egz0uFwORD3h0HAR7KfeLePEWWD8UCUyXPBn4SGqhZXK/uhPxCj5MGZy
tXGD4wl9tc2HDf88v3eSQSKToaOxVOhZxP49TuyCxCohX+GPDsffPvbhau+CPhs1
/6cEGMo8WBqpaS6zjm0ZHz3nwR3xs70yg5FZ4DTzsL0fmyYpG3dsQ3vZcWqHwYb2
p1VTzf7sYc9EzWsIp2ST62AvgmfBgEf6CHcKXGkec0KgM7WFbLKmf86qEBgSAceA
1uQhrIKrx2lmJ2o4qKkfgrFqPXjWIr8Un5S6Dk9jj48fDxEWJeiSfyBcnVbel5r5
05Ha7umLpfibnMDOtJV9
=rvJd
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ