Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cdrecord | Cdrtools | 1.11 (including) | 1.11 (including) |
Cdrecord | Cdrtools | 2.0 (including) | 2.0 (including) |