Title : Debian Security Update Fixes ppxp Privilege Escalation Issue VUPEN ID : VUPEN/ADV-2005-0581 CVE ID : CVE-2005-0392 CWE ID : CWE-
Rated as : Moderate Risk
Remotely Exploitable : No Locally Exploitable : Yes Release Date : 2005-05-20
Technical Description
Debian has released a security patch to correct a vulnerability identified in ppxp. This flaw is due to insecure permissions when opening user supplied log files, which may be exploited by malicious local attackers to obtain elevated ("root") privileges.
