FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cdrdao -- unspecified privilege escalation vulnerability

Affected packages
cdrdao < 1.2.0

Details

VuXML ID d51a7e6e-c546-11d9-9aed-000e0c2e438a
Discovery 2005-05-13
Entry 2005-05-19

The developers of cdrdao report that there is a potential root exploit in the software. In order to be able to succesfully exploit this vulnerability cdrdao must be installed setuid root. When succesfully exploited a local user might get escalated privileges. By default this port is not installed setuid root.

References

URL http://secunia.com/advisories/15354/
URL http://sourceforge.net/forum/forum.php?forum_id=466399

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.