Re: [SECURITY] [DSA 522-1] New super packages fix format string vulnerability
On Sat, Jun 19, 2004 at 11:46:37AM +0200, Bernhard Kuemel wrote:
> Matt Zimmerman wrote:
>
> >Package : super
> >Vulnerability : format string
> >Problem-Type : remote
>
> >Max Vozeler discovered a format string vulnerability in super, a
> >program to allow specified users to execute commands with root
> >privileges. This vulnerability could potentially be exploited by a
> >local user to execute arbitrary code with root privileges.
>
> Why is the problem remote, when it can be exploited by a local user?
Late night.
--
- mdz
Reply to: