Lucene search
SuseSUSE-SA:2001:38HistoryOct 31, 2001 - 4:42 p.m.
local privilege escalations (probably root) in uucp
2001-10-3116:42:46
lists.opensuse.org
13
0.0004 Low
EPSS
Percentile
0.4%
UUCP is a well known tool suite for copying data between unix-like systems. Zen-Parse reported that the higher privileges of uux (UID uucp) aren’t dropped if long options instead of normal (short) options are used. An attacker could exploit this hole, by specifying a malicious configuration file to execute and/or access arbitrary data with the privilege of user uucp.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 7.0 | alpha | uucp | < 1.06.1-227 | uucp-1.06.1-227.alpha.rpm |
| openSUSE | 6.4 | alpha | uucp | < 1.06.1-227 | uucp-1.06.1-227.alpha.rpm |
| openSUSE | 6.3 | i386 | uucp | < 1.06.1-333 | uucp-1.06.1-333.i386.rpm |
| openSUSE | 7.3 | i386 | uucp | < 1.06.1-333 | uucp-1.06.1-333.i386.rpm |
| openSUSE | 6.4 | ppc | uucp | < 1.06.1-225 | uucp-1.06.1-225.ppc.rpm |
| openSUSE | 7.1 | alpha | uucp | < 1.06.1-227 | uucp-1.06.1-227.alpha.rpm |
| openSUSE | 6.4 | i386 | uucp | < 1.06.1-333 | uucp-1.06.1-333.i386.rpm |
| openSUSE | 7.1 | sparc | uucp | < 1.06.1-228 | uucp-1.06.1-228.sparc.rpm |
| openSUSE | 7.2 | i386 | uucp | < 1.06.1-334 | uucp-1.06.1-334.i386.rpm |
| openSUSE | 7.0 | sparc | uucp | < 1.06.1-228 | uucp-1.06.1-228.sparc.rpm |
Related
openvas
openvas
Debian Security Advisory DSA 079-1 (uucp)
2008-01-17 00:00:00
Debian Security Advisory DSA 079-2 (uucp)
2008-01-17 00:00:00
Debian Security Advisory DSA 079-2 (uucp)
2008-01-17 00:00:00
cve
cve
CVE-2001-0873
2001-12-21 05:00:00
nessus
nessus
Debian DSA-079-2 : uucp - uucp uid/gid access
2004-09-29 00:00:00
cert
cert
Taylor UUCP Package fails to properly filter command line arguments
2001-09-25 00:00:00