|
|
CVE Reference: CVE-2006-2194 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2194 |
|
|
Description: The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/usn-310-1 SAID Secunia Advisory: SA20987 Secunia Advisory: SA20996 Secunia Advisory: SA20967 Secunia Advisory: SA20963 OSVDB 26994 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:119 DEBIAN http://www.debian.org/security/2006/dsa-1106 BID 18849 |
|
| Return to the previous page. |
