Beagle Insecure Path Arbitrary Code Execution Vulnerability
BID:17195
Info
Beagle Insecure Path Arbitrary Code Execution Vulnerability
| Bugtraq ID: | 17195 |
| Class: | Design Error |
| CVE: |
CVE-2006-1296 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 22 2006 12:00AM |
| Updated: | Jul 12 2009 05:56PM |
| Credit: | James McCaw discovered this vulnerability. |
| Vulnerable: |
Redhat Fedora Core5 |
| Not Vulnerable: | |
Discussion
Beagle Insecure Path Arbitrary Code Execution Vulnerability
Beagle is susceptible to an insecure path vulnerability that can lead to arbitrary code execution.
This issue can allow attackers to place malicious code in a publicly writeable directory and can cause the code to be executed by beagle wrapper scripts. This would result in the execution of arbitrary code with the privileges of the user running the vulnerable application.
Beagle is susceptible to an insecure path vulnerability that can lead to arbitrary code execution.
This issue can allow attackers to place malicious code in a publicly writeable directory and can cause the code to be executed by beagle wrapper scripts. This would result in the execution of arbitrary code with the privileges of the user running the vulnerable application.
Exploit / POC
Beagle Insecure Path Arbitrary Code Execution Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
Beagle Insecure Path Arbitrary Code Execution Vulnerability
Solution:
Red Hat has released security advisory FEDORA-2006-188 to address this issue.
Solution:
Red Hat has released security advisory FEDORA-2006-188 to address this issue.