oss-sec mailing list archives
Re: CVE request: tss <= 0.8.1-3: arbitary file reading
From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 17 Apr 2008 13:07:53 -0400 (EDT)
On Thu, 17 Apr 2008, Nico Golde wrote:
Steve (the mitre one :) did you miss that?
yes, but I didn't miss this anyway :) ====================================================== Name: CVE-2008-1877 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1877 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475747 tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges.
Current thread:
- CVE request: tss <= 0.8.1-3: arbitary file reading Steve Kemp (Apr 12)
- Re: CVE request: tss <= 0.8.1-3: arbitary file reading Nico Golde (Apr 17)
- Re: CVE request: tss <= 0.8.1-3: arbitary file reading Steven M. Christey (Apr 17)
- Re: CVE request: tss <= 0.8.1-3: arbitary file reading Nico Golde (Apr 17)