kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Kdocker | Kdocker | 0.1 (including) | 0.1 (including) |
| Kdocker | Kdocker | 0.2 (including) | 0.2 (including) |
| Kdocker | Kdocker | 0.3 (including) | 0.3 (including) |
| Kdocker | Kdocker | 0.4 (including) | 0.4 (including) |
| Kdocker | Kdocker | 0.5 (including) | 0.5 (including) |
| Kdocker | Kdocker | 0.6 (including) | 0.6 (including) |
| Kdocker | Kdocker | 0.7 (including) | 0.7 (including) |
| Kdocker | Kdocker | 0.8 (including) | 0.8 (including) |
References
- http://cvs.sourceforge.net/viewcvs.py/kdocker/kdocker/src/kdocker.cpp?r1=1.10\u0026r2=1.11\u0026sortby=log
- http://secunia.com/advisories/12828
- http://securitytracker.com/id?1011688
- http://sourceforge.net/forum/forum.php?forum_id=414631
- http://www.osvdb.org/10729
- http://www.securityfocus.com/bid/11419
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17718
- http://cvs.sourceforge.net/viewcvs.py/kdocker/kdocker/src/kdocker.cpp?r1=1.10\u0026r2=1.11\u0026sortby=log
- http://secunia.com/advisories/12828
- http://securitytracker.com/id?1011688
- http://sourceforge.net/forum/forum.php?forum_id=414631
- http://www.osvdb.org/10729
- http://www.securityfocus.com/bid/11419
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17718