CVE Vulnerabilities

CVE-2007-1588

Published: Mar 21, 2007 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges.

Affected Software

Name Vendor Start Version End Version
Myserver Myserver 0.8.5 (including) 0.8.5 (including)

References