Lucene search
Gentoo FoundationGLSA-200803-05HistoryMar 03, 2008 - 12:00 a.m.
SplitVT: Privilege escalation
2008-03-0300:00:00
Gentoo Foundation
security.gentoo.org
8
0.0004 Low
EPSS
Percentile
5.2%
Background
SplitVT is a program for splitting terminals into two shells.
Description
Mike Ashton reported that SplitVT does not drop group privileges before executing the xprop utility.
Impact
A local attacker could exploit this vulnerability to gain the “utmp” group privileges.
Workaround
There is no known workaround at this time.
Resolution
All SplitVT users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-misc/splitvt-1.6.6-r1"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | app-misc/splitvt | < 1.6.6-r1 | UNKNOWN |
Related
nessus
nessus
Debian DSA-1500-1 : splitvt - privilege escalation
2008-02-25 00:00:00
GLSA-200803-05 : SplitVT: Privilege escalation
2008-03-07 00:00:00
osv
osv
splitvt - privilege escalation
2008-02-21 00:00:00
openvas
openvas
Debian Security Advisory DSA 1500-1 (splitvt)
2008-02-28 00:00:00
Debian: Security Advisory (DSA-1500-1)
2008-02-28 00:00:00
Gentoo Security Advisory GLSA 200803-05 (splitvt)
2008-09-24 00:00:00
securityvulns
securityvulns
splitvt privilege escalation
2008-02-22 00:00:00
[SECURITY] [DSA 1500-1] New splitvt packages fix privilege escalation
2008-02-22 00:00:00
ubuntucve
ubuntucve
CVE-2008-0162
2008-02-22 00:00:00
prion
prion
Code injection
2008-02-22 21:44:00
debiancve
debiancve
CVE-2008-0162
2008-02-22 21:44:00
debian
debian
[SECURITY] [DSA 1500-1] New splitvt packages fix privilege escalation
2008-02-21 20:23:13
cve
cve
CVE-2008-0162
2008-02-22 21:44:00
cvelist
cvelist
CVE-2008-0162
2008-02-22 21:00:00