Описание
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-2653
- https://security.gentoo.org/glsa/201607-16
- http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082553.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082565.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082569.html
- http://www.debian.org/security/2012/dsa-2481
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:113
- http://www.openwall.com/lists/oss-security/2012/05/24/12
- http://www.openwall.com/lists/oss-security/2012/05/24/13
- http://www.openwall.com/lists/oss-security/2012/05/24/14
- http://www.openwall.com/lists/oss-security/2012/05/25/5
EPSS
CVE ID
Связанные уязвимости
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly othe ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS