-
KNOPPIX CD Default Install May Let Local Users Grab Root
http://www.securitytracker.com/alert...l/1007142.html
KNOPPIX CD Default Configuration May Let Local Users Grab Root Privileges
SecurityTracker Alert ID: 1007142
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Jul 9 2003
Impact: Modification of system information, Modification of user information, Root access via local system
Exploit Included: Yes
Description: A vulnerability was reported in the default configuration of the KNOPPIX CD. A local user can obtain root privileges.
It is reported that the "knx-hdinstall" default configuration creates unsafe temporary files in the '/tmp/.qt/' directory: 'qt_plugins_3.0rc', and 'qt_plugins_3.0rc.lock'. A local user can create a symbolic link (symlink) from a critical file on the system to one of these temporary files. Then, when a target user logs in, the symlinked file will be overwritten with the privileges of the target user, potentially including the root user.
Impact: A local user can cause a target user to overwrite a file on the system with the privileges of the target user. This can be exploited by a local user to potentially obtain root privileges.
Solution: No solution was available at the time of this entry.
Vendor URL: www.knoppix.org/ (Links to External Site)
Cause: Access control error, State error
Reported By: Hugo "Vazquez" "Carames" <overclocking_a_la_abuela@hotmail.com>
Message History: None.
Similar Threads
-
By Cerebrus in forum General Support
Replies: 4
Last Post: 06-21-2004, 01:49 PM
-
By jeremymeindl in forum Hdd Install / Debian / Apt
Replies: 1
Last Post: 05-29-2004, 01:06 AM
-
By pizarra in forum Hdd Install / Debian / Apt
Replies: 2
Last Post: 03-23-2004, 06:01 PM
-
By warpedmind in forum General Support
Replies: 12
Last Post: 11-19-2003, 12:10 AM
-
By rec9140 in forum General Support
Replies: 0
Last Post: 09-19-2003, 07:21 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Dell Precision 3420 SFF Intel Core i5-6500 8GB RAM 256GB SSD WIN 11
$75.00
HP Z820 8-Core 2.60GHz E5-2670 128GB RAM No HDD No OS
$235.90
Dell 9020 Optiplex Micro-Intel Core i5 - 1TB SSD 8GB RAM Window 11
$109.49
Dell Optiplex 3060 Sff intel Core i5-8th gen 16GB 256GB SSD win 11 Pro
$159.99
Intel - Core i7-13700K 13th Gen 16 cores 8 P-cores + 8 E-cores 30M Cache, 3.4...
$489.99
Intel - Core i9-13900K 13th Gen 24 cores 8 P-cores + 16 E-cores 36M Cache, 3 ...
$689.99
AMD Ryzen 9 5950X 16-core 32-thread Desktop Processor
$319.99
Intel - Core i9-12900K Desktop Processor 16 (8P+8E) Cores up to 5.2 GHz Unloc...
$619.99
LENOVO LEGION T7 34IMZ5 | CORE I7-11700K | 512GB | 16GB | RTX 3070 | WIN11 | NEW
$899.99
HP Elitebook Megabook AMD A8-8600B R6 10 Core 4c+6g 256gb 16gbRam Y3s23uc#aba
$90.00