4 matches found
CVE-2004-0395
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call...
CVE-2004-0395
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call...
CVE-2004-0395
CVE-2004-0395 affects the gatos package’s xatitv utility. The issue occurs when the configuration file is missing: xatitv does not drop root privileges, allowing a local user to trigger system calls containing shell metacharacters and potentially escalate to root. Debian DSA-509-1 documents this ...
CVE-2004-0395
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call...