52098 – security/fuzz: privilege escalation bug

Bug 52098 - security/fuzz: privilege escalation bug

Summary: security/fuzz: privilege escalation bug

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-ports-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-05-12 10:20 UTC by Jim Geovedi
Modified:	2003-05-21 16:41 UTC (History)
CC List:	0 users

See Also:

Attachments
fuzz.diff (1.18 KB, patch) 2003-05-12 10:20 UTC, Jim Geovedi	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jim Geovedi 2003-05-12 10:20:07 UTC

	fuzz creates a temporary file without taking appropriate security
	precautions.  This bug could allow an attacker to gain the privileges
	of the user invoking fuzz, excluding root (fuzz does not allow itself
	to be invoked as root).

Comment 1 Foxfair Hu freebsd_committer

2003-05-21 16:40:58 UTC

State Changed
From-To: open->closed

Committed, thanks!