gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of these accounts.
References
Configurations
History
No history.
Information
Published : 2011-07-07 21:55
Updated : 2024-02-28 11:41
NVD link : CVE-2011-1946
Mitre link : CVE-2011-1946
CVE.ORG link : CVE-2011-1946
JSON object : View
Products Affected
hongli_lai
- libgnomesu
CWE
CWE-264
Permissions, Privileges, and Access Controls