oss-sec mailing list archives
CVE request: local root via setuid VBoxNetAdpCtl
From: Thomas Biege <thomas () suse de>
Date: Tue, 13 Oct 2009 08:38:40 +0200
Hello, this one needs two CVE-IDs: - shell meta char injection in popen() - possible buffer overflow in strncpy() http://sunsolve.sun.com/search/document.do?assetkey=1-66-268188-1 -- Bye, Thomas -- Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach
Current thread:
- CVE request: local root via setuid VBoxNetAdpCtl Thomas Biege (Oct 12)
- Re: CVE request: local root via setuid VBoxNetAdpCtl Tomas Hoger (Oct 13)
- Re: CVE request: local root via setuid VBoxNetAdpCtl Steven M. Christey (Oct 15)
- Re: CVE request: local root via setuid VBoxNetAdpCtl Tomas Hoger (Oct 13)