opielogin.c in opielogin in OPIE 2.4.1-test1 and previous versions does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nrl opie 2.11 |
||
nrl opie 2.3 |
||
nrl opie 2.22 |
||
nrl opie 2.32 |
||
nrl opie 2.4 |
||
nrl opie 2.10 |
||
nrl opie 2.21 |
||
nrl opie 2.2 |
||
nrl opie |