CVE-2004-0806

2004-12-31T05:00:00
ID CVE-2004-0806
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:29:00

Description

cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.