Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-4210
Description:fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-4210
BugTraq ID: 31368
Debian Security Information: DSA-1653 (Google Search)
RedHat Security Advisories: RHSA-2008:0787
RedHat Security Advisories: RHSA-2008:0957
RedHat Security Advisories: RHSA-2008:0972
RedHat Security Advisories: RHSA-2008:0973
SuSE Security Announcement: SUSE-SA:2008:051 (Google Search)
SuSE Security Announcement: SUSE-SA:2008:056 (Google Search)
SuSE Security Announcement: SUSE-SA:2008:057 (Google Search)
SuSE Security Announcement: SUSE-SR:2008:025 (Google Search)
XForce ISS Database: linux-kernel-open-privilege-escalation(45539)

© 1998-2021 E-Soft Inc. All rights reserved.