Описание
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
Отчет
A failure in privsep_init() does not cause radvd to run with full root privileges when invoked with the --username option specifying an unprivileged user. Rather it will run as a single process as the specified (unprivileged) radvd user, causing this issue to have no security impact (no unintended privilege elevation).
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | radvd | Not affected | ||
| Red Hat Enterprise Linux 5 | radvd | Not affected | ||
| Red Hat Enterprise Linux 6 | radvd | Not affected |
Показывать по
Дополнительная информация
Статус:
4.4 Medium
CVSS2
Связанные уязвимости
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
The router advertisement daemon (radvd) before 1.8.2 does not properly ...
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
4.4 Medium
CVSS2