RedHat restore 0.4 b15 Insecure Environment Variables Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1914/info restore is a program for backup and recovery procedures, distributed with the RedHat Linux Operating System. A vulnerability exists that could allow a user elevated permissions. The problem occurs in the RSH...

cdrecord fails to set proper permissions on programs specified in RSH environment variable

Overview Cdrecord can call external programs specified by the RSH environment variable. This may permit a malicious local user to gain elevated privileges. Description Cdrecord is an application used to create data or audio compact discs. Cdrecord permits the use of CD recorders on remote machine...

GLSA-200409-18 : cdrtools: Local root vulnerability in cdrecord if set SUID root

The remote host is affected by the vulnerability described in GLSA-200409-18 cdrtools: Local root vulnerability in cdrecord if set SUID root Max Vozeler discovered that the cdrecord utility, when set to SUID root, fails to drop root privileges before executing a user-supplied RSH program. By...

star fails to set proper permissions on programs specified in RSH environment variable

Overview Star can call external programs specified by the RSH environment variable. This may permit a malicious local user to gain elevated privileges. Description Star is a tape archiving program similar to tar. Star permits the use of storage devices on remote machines via an access program on...

CVE-2004-0806

cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges...

Linux dump uses environment variables insecurely, allowing for root compromise

Overview Some implementations of the Linux backup utility, dump, call external programs on remote machines via the RSH environment variable. This may permit an attacker to compromise root if dump is setuid root. Description Some implementations of the Linux backup utility, dump, permit use of...

RedHat 0.4 b15 restore - Insecure Environment Variables

RedHat 0.4 b15 restore - Insecure Environment Variables source: https://www.securityfocus.com/bid/1914/info restore is a program for backup and recovery procedures, distributed with the RedHat Linux Operating System. A vulnerability exists that could allow a user elevated permissions. The problem...

RedHat 0.4 b15 restore - Insecure Environment Variables

source: https://www.securityfocus.com/bid/1914/info restore is a program for backup and recovery procedures, distributed with the RedHat Linux Operating System. A vulnerability exists that could allow a user elevated permissions. The problem occurs in the RSH environment variable. restore is...