*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: splitvt

References:
DSA-1500-1 (http://www.debian.org/security/2008/dsa-1500)

Quoting:
"Mike Ashton discovered that splitvt, a utility to run two programs in a
split screen, did not drop group privileges prior to executing 'xprop'.
This could allow any local user to gain the privileges of group utmp."

** Affects: splitvt (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0162

-- 
[splitvt] [CVE-2008-0162] privilege escalation
https://bugs.launchpad.net/bugs/195689
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to