frox 0.7.18, when running setuid root, does not properly drop privileges when reading a configuration file, which allows local users to read portions of arbitrary files via the -f command line option.
References
Link | Resource |
---|---|
http://www.securityfocus.com/archive/1/409667 | Exploit Vendor Advisory |
http://www.securityfocus.com/bid/14711 | Exploit |
Configurations
History
No history.
Information
Published : 2005-09-07 18:03
Updated : 2024-02-04 16:52
NVD link : CVE-2005-2807
Mitre link : CVE-2005-2807
CVE.ORG link : CVE-2005-2807
JSON object : View
Products Affected
frox
- frox
CWE