Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2807

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-2807
Last Modified 05 Sep 2008 04:52:44
Published 07 Sep 2005 02:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2807

Summary

frox 0.7.18, when running setuid root, does not properly drop privileges when reading a configuration file, which allows local users to read portions of arbitrary files via the -f command line option.

Vulnerable Systems

Application

  • Frox 0.7.18


References

BID - 14711

BUGTRAQ - 20050901 File aribitary read access in frox


Last Updated: 27 May 2016 10:40:38