oss-sec mailing list archives
Re: CVE Request: seunshare and setexeccon issues
From: Solar Designer <solar () openwall com>
Date: Mon, 12 May 2014 23:26:29 +0400
On Mon, May 12, 2014 at 12:21:49PM -0700, Andy Lutomirski wrote:
On Mon, May 12, 2014 at 12:16 PM, Solar Designer <solar () openwall com> wrote:On Mon, May 12, 2014 at 10:34:00AM -0700, Andy Lutomirski wrote:I'm not sure how many CVE numbers should be assigned here. As far as I know, none have been assigned so far.I think you missed this: http://www.openwall.com/lists/oss-security/2014/05/08/1 in which CVE-2014-3215 was assigned.I did. Thanks.
Does your CVE request still stand, or are you satisfied with this one CVE id for the interaction (not for a particular component)?
FWIW, it appears that common exim configurations are vulnerable, so this might be worse than just an exposure.
Please try to demo this. Thanks! Alexander
Current thread:
- CVE Request: seunshare and setexeccon issues Andy Lutomirski (May 12)
- Re: CVE Request: seunshare and setexeccon issues Solar Designer (May 12)
- Re: CVE Request: seunshare and setexeccon issues Andy Lutomirski (May 12)
- Re: CVE Request: seunshare and setexeccon issues Solar Designer (May 12)
- Re: CVE Request: seunshare and setexeccon issues Andy Lutomirski (May 12)
- Re: CVE Request: seunshare and setexeccon issues Andy Lutomirski (May 12)
- Re: CVE Request: seunshare and setexeccon issues Solar Designer (May 12)