CVE-2011-2490

NameCVE-2011-2490
Descriptionopielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-2281-1
Debian Bugs631345

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
opiesourcelenny2.32-10.2+lenny2DSA-2281-1
opiesourcesqueeze2.32.dfsg.1-0.2+squeeze1DSA-2281-1
opiesource(unstable)(unfixed)631345

Search for package or bug name: Reporting problems