4 matches found
Gentoo Security Advisory GLSA 200704-03 (openafs)
The remote host is missing updates announced in advisory GLSA 200704-03. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1271-1] New openafs packages fix remote privilege escalation bug
------------------------------------------------------------------------ Debian Security Advisory DSA-1271-1 [email protected] http://www.debian.org/security/ Noah Meyerhans March 20, 2007 - ------------------------------------------------------------------------ Package : openafs Vulnerability...
CVE-2007-1507
The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the...
CVE-2007-1507
OpenAFS before versions 1.4.4 and 1.5.17 allowed setuid programs in the local cell, enabling an attacker to spoof a FetchStatus reply and set setuid/root ownership on an executed file, leading to privilege escalation. Multiple advisories (GLSA 200704-03, Debian DSA-1271-1, Mandrake/MDKSA-2007:066...