sendfile -- broken privileges dropping, broken tempfile

ID DSA-050
Type debian
Reporter Debian
Modified 2001-04-20T00:00:00


Colin Phipps and Daniel Kobras discovered and fixed several serious bugs in the saft daemon `sendfiled' which caused it to drop privileges incorrectly. Exploiting this a local user can easily make it execute arbitrary code under root privileges.

We recommend you upgrade your sendfile packages immediately.