BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
timecop bubblemon 1.0pl4 |
||
timecop bubblemon 1.0pl6 |
||
timecop bubblemon 1.1test4 |
||
timecop bubblemon 1.1test5 |
||
timecop bubblemon 1.23 |
||
timecop bubblemon 1.2test1 |
||
timecop bubblemon 1.0pl2 |
||
timecop bubblemon 1.0pl3 |
||
timecop bubblemon 1.1test2 |
||
timecop bubblemon 1.1test3 |
||
timecop bubblemon 1.21test1 |
||
timecop bubblemon 1.22 |
||
timecop bubblemon 1.0 |
||
timecop bubblemon 1.0pl1 |
||
timecop bubblemon 1.0pl9 |
||
timecop bubblemon 1.1 |
||
timecop bubblemon 1.1test1 |
||
timecop bubblemon 1.2 |
||
timecop bubblemon 1.21 |
||
timecop bubblemon 1.0pl7 |
||
timecop bubblemon 1.0pl8 |
||
timecop bubblemon 1.1test6 |
||
timecop bubblemon 1.1test7 |
||
timecop bubblemon 1.3 |
||
timecop bubblemon 1.31 |
||
freebsd freebsd 6.2 |