NuytsTech Security

CVE-2009-2657

by ·

nilfs-utils before 2.0.14 installs multiple programs with unnecessary setuid privileges, which allows local users to execute arbitrary commands via the device string in a -c command line option to mkfs.nilfs2.

Date published : 2009-08-04

http://www.nilfs.org/git/?p=nilfs2-utils.git;a=commitdiff;h=5c95a57102e23e6982467cbe23e922450d3f38ed

http://www.nilfs.org/git/?p=nilfs2-utils.git;a=commitdiff;h=a5cb60e624e4863c8d6feaf2ea8791abb48d6f15

Tags: