4 matches found
Astra Linux - уязвимость в beep
Beep version 1.3 and later contains a vulnerability in the External Control of File Name or Path feature in the --device option. This vulnerability allows local unprivileged users to inhibit the execution of arbitrary programs by other users, potentially leading to Denial-of-Service attacks. This...
CVE-2018-1000532
beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. This attack appear to be exploitable via The system must allow local users...
CVE-2018-1000532
beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. This attack appear to be exploitable via The system must allow local users...
beep: Local privilege escalation
Background The advanced PC speaker beeper. Description A race condition, if setuid, was discovered in beep. Impact A local attacker could escalate privileges. Workaround There is no known workaround at this time. Resolution All beep users should upgrade to the latest version: emerge --sync emerge...