FS#37002 - [davfs2] security patch for CVE-2013-4362
Attached to Project:
Arch Linux
Opened by RbN (RbN) - Friday, 20 September 2013, 17:42 GMT
Last edited by Thomas Bächler (brain0) - Monday, 13 January 2014, 22:04 GMT
Opened by RbN (RbN) - Friday, 20 September 2013, 17:42 GMT
Last edited by Thomas Bächler (brain0) - Monday, 13 January 2014, 22:04 GMT
|
Details
Description:
Insecure use of system(). exploitation of this bug is very easy and can lead to a priviledge escalation. CVE attribution [1] Debian bugtracker [2] Resolution: patch provided by upstream [3] [1] http://www.openwall.com/lists/oss-security/2013/09/17/7 [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034 [3] http://savannah.nongnu.org/bugs/download.php?file_id=29142 |
This task depends upon
Comment by RbN (RbN) - Thursday, 10
October 2013, 20:21 GMT
Comment by RbN (RbN) - Monday, 13
January 2014, 21:36 GMT
Exploits are available on the internet, please consider correct it
:)
More exploits available ....