MidnightBSD

Advisories for paul_jarc

CVE-2001-1324 MEDIUM

cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_jarc idtools 2001-05-31
paul_jarc idtools 2001-06-08