2 matches found
[SECURITY] [DSA-059-1] man-db symlink attack
Package : man-db Problem type : symlink attack Debian-specific: no Luki R. reported a bug in man-db: it did handle nested calls of dropeffectiveprivs and regaineffectiveprivs correctly which would cause it to regain privileges to early. This could be abused to make man create files as user man...
OpenBSD 2.x - 'fstat' Format String
// source: https://www.securityfocus.com/bid/1746/info fstat is a program shipped with BSD unix variants that is used to list the open files on a system. It is installed sgid kmem so it can access information about open files from the kernel memory structures. A user definable environment variabl...