6 matches found
openSUSE Security Update : acl (acl-1803)
the setfacl tool followed symbolic links in recursive -R mode even if the --physical -P option was specified CVE-2009-4411. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update acl-1803. The text...
openSUSE Security Update : acl (acl-1803)
the setfacl tool followed symbolic links in recursive -R mode even if the --physical -P option was specified CVE-2009-4411. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update acl-1803. The text...
SuSE 11 Security Update : acl and libacl (SAT Patch Number 1804)
The setfacl tool followed symbolic links in recursive -R mode even if the --physical -P option was specified CVE-2009-4411. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
[ MDVSA-2009:345 ] acl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:345 http://www.mandriva.com/security/ Package : acl Date : December 28, 2009 Affected: 2009.0, 2009.1, 2010.0, Enterprise Server 5.0 Problem Description: A vulnerability was discovered and corrected in acl:...
CVE-2009-4411
The 1 setfacl and 2 getfacl commands in XFS acl 2.2.47, when running in recursive -R mode, follow symbolic links even when the --physical aka -P or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack...
CVE-2009-4411
CVE-2009-4411 concerns the acl feature in XFS ACL 2.2.47. The setfacl and getfacl utilities, when run in recursive (-R) mode, follow symbolic links even if --physical (-P) or -L is specified. This could allow a local attacker to manipulate ACLs on arbitrary files or directories via a symlink atta...