NuytsTech Security

CVE-2007-1588

by ·

server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges.

Date published : 2007-03-21

http://www.myserverproject.net/news.php

http://sourceforge.net/mailarchive/forum.php?thread_id=31631045&forum_id=47875

Tags: