server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote malicious users to execute CGI programs with unintended privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
myserver myserver 0.8.5 |