Package: wicd
Severity: critical
Tags: security
Justification: root security hole
It was discovered, wicd in any version supported by Debian (i.e. stable,
testing and unstable) yields to local privilege escalation by injecting
arbitrary code through the DBus interface due to incomplete input
On Wed, 11 Apr 2012 17:27:10 +0200, Arno Töll wrote:
It was discovered, wicd in any version supported by Debian (i.e. stable,
testing and unstable) yields to local privilege escalation by injecting
arbitrary code through the DBus interface due to incomplete input
sanitation.
I've briefly
Hi,
* Arno Töll a...@debian.org [2012-04-11 17:32]:
Package: wicd
Severity: critical
Tags: security
Justification: root security hole
It was discovered, wicd in any version supported by Debian (i.e. stable,
testing and unstable) yields to local privilege escalation by injecting
arbitrary
On Wed, Apr 11, 2012 at 05:27:10PM +0200, Arno Töll wrote:
I've briefly verified offending code against the Squeeze and Sid version
of the package but I didn't try to reproduce the steps to exploit wicd.
I did try the steps, or a variation on them, and confirmed that the package
is exploitable.
On Wed, 11 Apr 2012 21:51:16 +0100, Jonathan Wiltshire wrote:
On Wed, Apr 11, 2012 at 05:27:10PM +0200, Arno Töll wrote:
I've briefly verified offending code against the Squeeze and Sid version
of the package but I didn't try to reproduce the steps to exploit wicd.
I did try the steps, or
5 matches
Mail list logo