Abstract
The s3dvt developers forgot to review all the code. There is still a vulnerable function as in the previous CVE-2013-6876 - s3dvt_0.2.2 root shell vulnerability.
The bug as previous one is caused by not checking the return values of setuid() and getuid() calls. The process must not continue its normal execution when any of these calls fail (return an error) to drop privileges.
The bug as previous one is caused by not checking the return values of setuid() and getuid() calls. The process must not continue its normal execution when any of these calls fail (return an error) to drop privileges.
Original language | English |
---|---|
Type | CVE-2014-1226 |
Publisher | http://hmarco.org |
Publication status | Published - 25 Mar 2014 |