24 matches found
CVE-2011-4099
The CVE-2011-4099 issue affects the capsh program in libcap prior to version 2.22, where the current working directory is not changed when --chroot is used, enabling local users to bypass chroot restrictions. Affected component: libcap (capsh utility). Root cause: chroot handling does not chdir t...
SuSE 11.1 Security Update : libcap (SAT Patch Number 5380)
The following bug has been fixed : - capsh did not chdir'/' after calling chroot. Programs could therefore access the current directory outside of the chroot. CVE-2011-4099 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
RHEL 6 : libcap (RHSA-2011:1694)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1694 advisory. The libcap packages provide a library and tools for getting and setting POSIX capabilities. It was found that capsh did not change into the new root...
capsh: does not chdir after chroot
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...