3 matches found
[SECURITY] [DSA 2917-1] super security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2917-1 [email protected] http://www.debian.org/security/ Florian Weimer April 28, 2014 http://www.debian.org/security/faq -...
CVE-2014-0470
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMITNPROC attack...
CVE-2014-0470
CVE-2014-0470 affects the Super package (version 3.30.0) where the setuid() return value is not checked when the -F flag is used, enabling local privilege escalation via an RLIMIT_NPROC scenario. Root cause: failure to verify setuid() result. Public references (e.g., Debian security advisory DSA-...