Lucene search
MitreCVELIST:CVE-2017-6964HistoryMar 28, 2017 - 1:00 a.m.
CVE-2017-6964
2017-03-2801:00:00
mitre
www.cve.org
5
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.
Related
osv
osv
eject - security update
2017-03-28 00:00:00
eject - security update
2017-03-28 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Eject vulnerability (USN-3246-1)
2017-03-28 00:00:00
Debian DSA-3823-1 : eject - security update
2017-03-30 00:00:00
Debian DLA-876-1 : eject security update
2017-03-30 00:00:00
openvas
openvas
Debian Security Advisory DSA 3823-1 (eject - security update)
2017-03-28 00:00:00
Debian: Security Advisory (DLA-876-1)
2018-01-11 00:00:00
Ubuntu: Security Advisory (USN-3246-1)
2017-03-28 00:00:00
ubuntu
ubuntu
Eject vulnerability
2017-03-27 00:00:00
ubuntucve
ubuntucve
CVE-2017-6964
2017-03-27 00:00:00
debian
debian
[SECURITY] [DSA 3823-1] eject security update
2017-03-28 15:41:29
[SECURITY] [DLA 876-1] eject security update
2017-03-28 08:52:20
[SECURITY] [DSA 3823-1] eject security update
2017-03-28 15:41:29
debiancve
debiancve
CVE-2017-6964
2017-03-28 01:59:01
cve
cve
CVE-2017-6964
2017-03-28 01:59:01
prion
prion
Design/Logic Flaw
2017-03-28 01:59:00
cloudfoundry
cloudfoundry
USN-3246-1: Eject vulnerability | Cloud Foundry
2017-05-01 00:00:00
nvd
nvd
CVE-2017-6964
2017-03-28 01:59:01