CVE-2001-1324
N/A
N/A
Summary
cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://securitytracker.com/id?1001839
- http://multivac.cwru.edu/idtools/admin_idtools.tar.bz2
- http://www.securityfocus.com/bid/2934
References
- http://securitytracker.com/id?1001839
- http://multivac.cwru.edu/idtools/admin_idtools.tar.bz2
- http://www.securityfocus.com/bid/2934
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.