Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0070

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-0070
Last Modified 05 Sep 2008 04:45:13
Published 02 May 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0070

Summary

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.

Vulnerable Systems

Application

  • Synaesthesia 2.1


References

DEBIAN - DSA-681

BID - 12546

SECTRACK - 1013206

SECUNIA - 14300


Last Updated: 27 May 2016 10:39:39