Информационная безопасность
[RU] switch to English


CVECVE-2007-1588
СтатусCandidate
Описаниеserver.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges.
Важность
High
CVSS score7
CVSS vector(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
PhaseAssigned (21.03.2007)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1588
ReferencesCONFIRM : http://www.myserverproject.net/news.php
 MLIST : [myserver-commit] 20070210 SF.net SVN: myserver: [2183] trunk/myserver/source/server.cpp
SecurityVulns:Повышение привилегий в MyServer (privilege escalation)
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород