CVE-2012-2653

2012-07-12T00:00:00
ID UB:CVE-2012-2653
Type ubuntucve
Reporter ubuntu.com
Modified 2012-07-12T00:00:00

Description

arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.

Bugs

  • <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674715>

Notes

Author| Note
---|---
tyhicks | Per Debian BTS, "Found in version arpwatch/2.1a15-1.1"