CVE-2009-0876

Published: Mar 12, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

34080

vdb-entry

x_refsource_BID

xvmvirtualbox-unspecified-priv-escalation(49193)

vdb-entry

x_refsource_XF

ADV-2009-0674

vdb-entry

x_refsource_VUPEN

[oss-security] 20090316 CVE-2009-0876 (VirtualBox) references

mailing-list

x_refsource_MLIST

https://bugs.gentoo.org/show_bug.cgi?id=260331

x_refsource_CONFIRM

[oss-security] 20090317 Re: CVE-2009-0876 (VirtualBox) references

mailing-list

x_refsource_MLIST

http://www.virtualbox.org/ticket/3444

x_refsource_CONFIRM

1021841

vdb-entry

x_refsource_SECTRACK

34232

third-party-advisory

x_refsource_SECUNIA

52580

vdb-entry

x_refsource_OSVDB

254568

vendor-advisory

x_refsource_SUNALERT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-0876

Description

Affected Products

References