RSS   Podatności dla 'Tmpreaper'   RSS

2019-02-04
 
CVE-2019-3461

CWE-362
 

 
Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. Fixed versions include 1.6.13+nmu1+deb9u1 and 1.6.14.

 

 >>> Vendor: Debian 97 Produkty
Qpopper
Debian linux
Netkit
Cfingerd
TIN
Horde
Elvis tiny
Sgml-tools
Netstd
Internet message
Mailscanner
Mime-support
FSP
Strongswan
Lintian
Shadow-utils
Debmake
Tetex-bin
Sympa
DPKG
Bsmtpd
Toolchain-source
PPXP
Reportbug
Turba
Apt-cacher
FUSE
TOR
Apt-setup
Backupninja
Kernel-patch-vserver
Libmail-audit-perl
Amaya
Base-config
Apache
GFAX
Debian-goodies
Reprepro
Duplicity
Guilt
UNP
Apt-listchanges
TSS
Aptlinex
Projectl
Honeyd common
Citadel server
Python-dns
Xsabre
FETA
Dpkg-cross
Myspell
Newsgate
Initramfs-tools
Os-prober
LTP
Shadow
Horde imp
Horde groupware
Nss-ldap
APT
Libdbd-pg-perl
Devscripts
Mono-debugger
Tex-common
Apache2
Texlive-extra-utils
Php5-common
Logol
Devotee
Cifs-utils
Trousers
Bsdmainutils
LATD
Txt2man
Adequate
Localepurge
Syncevolution
Axiom
Advanced package tool
Ppthtml
Xbuffy
Dpkg-dev
Kde4libs
Python-imaging
Exuberant ctags
Hivex
Dbd-firebird
Unattended-upgrades
Xbindkeys-config
Ftpsync
Postgresql-common
Devscript
Crossroads
Tmpreaper
Debian-lan-config
PERM


Copyright 2024, cxsecurity.com

 

Back to Top