Описание
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.49-5ubuntu1 |
| esm-infra-legacy/trusty | released | 0.49-4.1ubuntu1.14.04.1 |
| lucid | released | 0.49-3ubuntu0.1 |
| precise | released | 0.49-4ubuntu1.1 |
| saucy | released | 0.49-4.1ubuntu1.13.10.1 |
| trusty | released | 0.49-4.1ubuntu1.14.04.1 |
| trusty/esm | released | 0.49-4.1ubuntu1.14.04.1 |
| upstream | needs-triage |
Показывать по
3.7 Low
CVSS2
Связанные уязвимости
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
The slapper function in chkrootkit before 0.50 does not properly quote ...
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
3.7 Low
CVSS2