CVE-2007-3912

Thomas de Grenier de Latour discovered that the checkrestart program included in debian-goodies did not correctly handle shell meta-characters A local attacker could exploit this to gain the privileges of the user running checkrestart ...

Debian Bug report logs - #440411 checkrestart: arbitrary root-privileged command execution Package: debian-goodies; Maintainer for debian-goodies is Javier Fernández-Sanguino Peña <jfs@debianorg>; Source for debian-goodies is src:debian-goodies (PTS, buildd, popcon) Reported by: Thomas de Grenier de Latour <degrenier@e ...

Debian Bug report logs - #438540 libid3-383c2a: creates insecure temporary files Package: libid3-383c2a; Maintainer for libid3-383c2a is Stefan Ott <stefan@ottnet>; Source for libid3-383c2a is src:id3lib383 (PTS, buildd, popcon) Reported by: Nikolaus Schulz <microschulz@webde> Date: Fri, 17 Aug 2007 16:57 ...

Thomas de Grenier de Latour discovered that the checkrestart tool in the debian-goodies suite of utilities, allowed local users to gain privileges via shell metacharacters in the name of the executable file for a running process For the old stable distribution (sarge), this problem has been fixed in version 024+sarge1 For the stable distribution ...