Security Advisory

CVE-2004-0806

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2004-09-14 04:00:00

Last updated 2024-08-08 00:31:47

Assigner mitre

State PUBLISHED

Description

cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.

← Browse all CVEs View on cve.org ↗