The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200 Driver 2.00.95 adds setuid permissions to third party applications such as xsane and xscanimage, which allows local users to gain privileges.
References
Link | Resource |
---|---|
http://it.slashdot.org/it/07/07/18/0319203.shtml | |
http://linuxfr.org/forums/15/22562.html | |
http://www.securityfocus.com/bid/24953 | Vendor Advisory |
http://secunia.com/advisories/26092 | Vendor Advisory |
http://osvdb.org/38214 |
Configurations
Information
Published : 2007-07-20 17:30
Updated : 2008-11-14 22:54
NVD link : CVE-2007-3931
Mitre link : CVE-2007-3931
JSON object : View
CWE
Products Affected
samsung
- scx-4200_driver