'Re: [oss-security] CVE request: init script x11-common creates directories in insecure manners'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: init script x11-common creates directories in insecure manners
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2012-02-29 0:01:19
Message-ID: 4F4D6ACF.2010705 () redhat ! com
[Download RAW message or body]

On 02/28/2012 10:55 AM, vladz wrote:
> Hi,
> 
> I've reported a small vulnerability to Debian.  Due to an insecure file
> creation, a local user can gain root privileges right after the 
> "x11-common" service is started.
> 
>   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661627
> 
> Could you allocate CVE id for this issue?
> 
> Thank you,
> vladz.
> 

Please use CVE-2012-1093 for this issue.

P.S. is this Debian specific?

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic