GNS3 ubridge up to and including 0.9.18 on macOS, as used in GNS3 server prior to 2.1.17, allows a local malicious user to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gns3 ubridge |