Super Security Vulnerabilities

CVE-2002-0817

Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument.

CVE-2004-0579

Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.

CVE-2011-2776

Buffer overflow in the Error function in super.c in Super 3.30.0 might allow local users to execute arbitrary code via vectors related to syslog logging. NOTE: some of these details are obtained from third party information.

CVE-2014-0470

super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack.