CVE-2014-9091

Published: Dec 10, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20141125 Re: Re: CVE request: icecast: possible leak of on-connect scripts

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=1168146

x_refsource_CONFIRM

https://trac.xiph.org/changeset/19137/

x_refsource_CONFIRM

http://icecast.org/news/icecast-release-2_4_0/

x_refsource_CONFIRM

[oss-security] 20141126 Re: CVE request: icecast: possible leak of on-connect scripts

mailing-list

x_refsource_MLIST

openSUSE-SU-2014:1591

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-9091

Description

Affected Products

References