arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow malicious users to gain root privileges by leveraging other vulnerabilities in the daemon.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lawrence berkeley national laboratory arpwatch 2.1a15 |