Comfortable FTP (cftp) readrc() Function Local Overflow

ID OSVDB:35203
Type osvdb
Reporter OSVDB
Modified 2007-03-19T08:33:50


Technical Description

The program cftp is not SUID/SGID by default and can not be leveraged for additional privileges as a result of a default installation. This vulnerability only manifests if an administrator adds SUID or SGID privileges to the program, or if another program invokes it with increased privileges.


Vendor URL: Mail List Post: Mail List Post: