Launchpad CVE tracker

CVE 2011-2921

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

Related bugs and status

CVE-2011-2921 (Candidate) is related to these bugs:

Bug #932107: ktsuss fails to change the effective UID back to the real UID

		In	Importance	Status
932107	ktsuss fails to change the effective UID back to the real UID	ktsuss (Ubuntu)	Undecided	Invalid
932107	ktsuss fails to change the effective UID back to the real UID	ktsuss (Ubuntu Lucid)	Undecided	Won't Fix
932107	ktsuss fails to change the effective UID back to the real UID	ktsuss (Ubuntu Maverick)	Undecided	Won't Fix
932107	ktsuss fails to change the effective UID back to the real UID	ktsuss (Ubuntu Natty)	Undecided	Won't Fix
932107	ktsuss fails to change the effective UID back to the real UID	ktsuss (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://packetstormsecu...
MISC: https://access.redhat....
MISC: https://security-track...

Launchpad.net

CVE 2011-2921

Related bugs and status

Related bugs

References