CVE-2020-24332

CVE-2020-24332 affects TrouSerS up to version 0.3.14. When tcsd runs with root privileges, creating the system.data file is prone to symlink attacks, allowing the tss user to create or corrupt files and potentially cause a DoS. A fix is available in trousers 0.3.15 (and advisories note the issues...

CVE-2012-0698

CVE-2012-0698 affects the TrouSerS project’s tcsd daemon. A crafted type_offset value in a TCP packet to port 30003 can cause a denial of service (daemon crash). The issue lies in how tcsd processes incoming TCP packets. Upstream fix is to upgrade TrouSerS to version 0.3.13 (from the affected 0.3...