oss-sec mailing list archives

Re: CVE Request: seunshare and setexeccon issues

From: Andy Lutomirski <luto () amacapital net>
Date: Mon, 12 May 2014 12:21:49 -0700

On Mon, May 12, 2014 at 12:16 PM, Solar Designer <solar () openwall com> wrote:

On Mon, May 12, 2014 at 10:34:00AM -0700, Andy Lutomirski wrote:

I'm not sure how many CVE numbers should be assigned here.  As far as
I know, none have been assigned so far.


I think you missed this:

http://www.openwall.com/lists/oss-security/2014/05/08/1

in which CVE-2014-3215 was assigned.


I did.  Thanks.

FWIW, it appears that common exim configurations are vulnerable, so
this might be worse than just an exposure.

--Andy

CVE Request: seunshare and setexeccon issues Andy Lutomirski (May 12)
- Re: CVE Request: seunshare and setexeccon issues Solar Designer (May 12)
  - Re: CVE Request: seunshare and setexeccon issues Andy Lutomirski (May 12)
    - Re: CVE Request: seunshare and setexeccon issues Solar Designer (May 12)
    - Re: CVE Request: seunshare and setexeccon issues Andy Lutomirski (May 12)