FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
These are the vulnerabilities relating to the commit you have selected:
1cd565da-455e-41b7-a5b9-86ad8e81e33e: seatd-launch -- remove files with escalated privileges with SUID
Kenny Levinsen reports:
seatd-launch could use a user-specified socket path instead of the
internally generated socket path, and would unlink the socket path
before use to guard against collision with leftover sockets. This
meant that a caller could freely control what file path would be
unlinked and replaced with a user-owned seatd socket for the duration
of the session.
If seatd-launch had the SUID bit set, this could be used by a
malicious user to remove files with the privileges of the owner of
seatd-launch, which is likely root, and replace it with a user-owned
This does not directly allow retrieving the contents of existing
files, and the user-owned socket file is at the current time not
believed to be directly useful for further exploitation.
Affected versions: >= 0.6.0, < 0.6.4
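A triage check for the entry above, added here as an example (not FreshPorts or seatd project code): it tests the two conditions the advisory names, a version in the range 0.6.0 <= v < 0.6.4 and the SUID bit on the seatd-launch binary. The function names and the stripping of FreeBSD `_N` / `,N` version suffixes before comparison are assumptions of this example.

```shell
#!/bin/sh
# Added example (constructed; not from FreshPorts or the seatd project).
# Usage: sh check.sh VERSION /path/to/seatd-launch
# Exit status: 0 = affected version and SUID set, 1 = not exposed, 2 = bad version.

# ver_lt A B: succeed when dotted numeric version A is strictly lower than B.
ver_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*} y=${b%%.*}            # leading component of each version
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac   # drop compared component
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1                              # equal versions are not "lower"
}

# in_affected_range VERSION: 0 if 0.6.0 <= VERSION < 0.6.4, 1 if not, 2 if unparseable.
in_affected_range() {
    v=${1%%[_,]*}                         # assumption: ignore _PORTREVISION / ,PORTEPOCH
    case $v in ''|*[!0-9.]*) return 2 ;; esac
    ! ver_lt "$v" 0.6.0 && ver_lt "$v" 0.6.4
}

# assess VERSION FILE: combine the version range with the SUID precondition.
assess() {
    rc=0; in_affected_range "$1" || rc=$?
    case $rc in
        2) echo "cannot parse version '$1'" >&2; return 2 ;;
        1) echo "$1 is outside the affected range"; return 1 ;;
    esac
    if [ -u "$2" ]; then                  # -u: file exists and has the set-user-ID bit
        echo "$1 is affected and $2 is SUID: unlink runs with the owner's privileges"
        return 0
    fi
    echo "$1 is affected, but $2 is not SUID"
    return 1
}

if [ "$#" -eq 2 ]; then
    assess "$1" "$2"
fi
```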