found 475733 1.0.5-6
thanks
* Dropped 05_setuid.diff as it can cause a root exploit. (Closes: #475733)
This is not enough, because it still has seved set userid and is
exploitable:
The package has a setuid binary acon. The binary never drops setuid. The
source code contains the following
Processing commands for [EMAIL PROTECTED]:
found 475733 1.0.5-6
Bug#475733: acon: local root exploit
Bug marked as found in version 1.0.5-6 and reopened.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Debian
reopen 475733
thanks
Hi,
* Helmut Grohne [EMAIL PROTECTED] [2008-04-13 16:36]:
* Dropped 05_setuid.diff as it can cause a root exploit. (Closes:
#475733)
This is not enough, because it still has seved set userid and is
exploitable:
[...]
As stated before the code only changes the
3 matches
Mail list logo