MidnightBSD

Advisories for steven_schaefer

CVE-2004-2611 MEDIUM

The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
steven_schaefer sophster 0.9.5_r12
steven_schaefer sophster 0.9.6_r1
steven_schaefer sophster 0.9.6_r2
steven_schaefer sophster 0.9.6_r3
steven_schaefer sophster 0.9.5_r15
steven_schaefer sophster 0.9.5_r10
steven_schaefer sophster 0.9.5_r8