2 matches found
Regular Expression Denial Of Service (ReDoS)
schroot is vulnerable to regualr expression denial of service. The vulnerability exists in isvalidsessionname in sbuild-util.cc because it doesn't limit the allowed characters on schroot names properly which allows an attacker to perform a ReDoS attack...
[SECURITY] Fedora 19 Update: schroot-1.4.25-13.fc19
schroot allows users to execute commands or interactive shells in different chroots. Any number of named chroots may be created, and access permissions given to each, including root access for normal users, on a per-user or per-group basis. Additionally, schroot can switch to a different user in...