Umich Security Vulnerabilities

cve

CVE-2011-2709

libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.

7AI Score

0.0004EPSS

2012-06-21 03:55 PM