2 matches found
CVE-2012-10022
CVE-2012-10022 affects Kloxo 6.1.12 and earlier. It involves two setuid root binaries, lxsuexec and lxrestart; lxsuexec performs a uid check and allows execution of commands as root when the invoking user has uid 48, enabling local privilege escalation from a user with Apache-level access without...
CVE-2012-10022 Kloxo <= 6.1.12 Local Privilege Escalation
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attacker...