CVE-2011-4099

The capsh program in libcap before 2.22 does not change the current working directory when the –chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Libcap	Libcap	*	2.21 (including)
Libcap	Libcap	2.00 (including)	2.00 (including)
Libcap	Libcap	2.01 (including)	2.01 (including)
Libcap	Libcap	2.02 (including)	2.02 (including)
Libcap	Libcap	2.03 (including)	2.03 (including)
Libcap	Libcap	2.04 (including)	2.04 (including)
Libcap	Libcap	2.05 (including)	2.05 (including)
Libcap	Libcap	2.06 (including)	2.06 (including)
Libcap	Libcap	2.07 (including)	2.07 (including)
Libcap	Libcap	2.08 (including)	2.08 (including)
Libcap	Libcap	2.09 (including)	2.09 (including)
Libcap	Libcap	2.10 (including)	2.10 (including)
Libcap	Libcap	2.11 (including)	2.11 (including)
Libcap	Libcap	2.12 (including)	2.12 (including)
Libcap	Libcap	2.13 (including)	2.13 (including)
Libcap	Libcap	2.14 (including)	2.14 (including)
Libcap	Libcap	2.15 (including)	2.15 (including)
Libcap	Libcap	2.16 (including)	2.16 (including)
Libcap	Libcap	2.17 (including)	2.17 (including)
Libcap	Libcap	2.18 (including)	2.18 (including)
Libcap	Libcap	2.19 (including)	2.19 (including)
Libcap	Libcap	2.20 (including)	2.20 (including)
Red Hat Enterprise Linux 6	RedHat	libcap-0:2.16-5.5.el6	*
Libcap2	Ubuntu	lucid	*
Libcap2	Ubuntu	maverick	*
Libcap2	Ubuntu	natty	*
Libcap2	Ubuntu	oneiric	*
Libcap2	Ubuntu	quantal	*
Libcap2	Ubuntu	raring	*
Libcap2	Ubuntu	saucy	*
Libcap2	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4099
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References