Описание
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| icecast2 | fixed | 2.4.0-1 | package | |
| icecast2 | no-dsa | squeeze | package | |
| icecast2 | no-dsa | wheezy | package |
Примечания
https://trac.xiph.org/changeset/19137/
EPSS
Процентиль: 19%
0.00062
Низкий
Связанные уязвимости
ubuntu
около 11 лет назад
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
nvd
около 11 лет назад
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
github
больше 3 лет назад
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
EPSS
Процентиль: 19%
0.00062
Низкий