SecuritySpace - CVE-2017-14609

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-14609

Description: The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non- root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by bearerbox.

Test IDs: 1.3.6.1.4.1.25623.1.0.140386

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-14609
https://redmine.kannel.org/issues/771

CVE ID:	CVE-2017-14609
Description:	The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non- root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by bearerbox.
Test IDs:	1.3.6.1.4.1.25623.1.0.140386
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-14609 https://redmine.kannel.org/issues/771