Tunnelblick 3.3beta20 and previous versions relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google tunnelblick |