BID:39097

BRLTTY Runtime Library Search Path Local Privilege Escalation Vulnerability

Info

BRLTTY Runtime Library Search Path Local Privilege Escalation Vulnerability

Bugtraq ID:	39097
Class:	Unknown
CVE:	CVE-2008-3279
Remote:	No
Local:	Yes
Published:	Mar 30 2010 12:00AM
Updated:	Mar 30 2010 12:00AM
Credit:	Red Hat
Vulnerable:	Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 BRLTTY Team BRLTTY 4.1

Not Vulnerable:

Discussion

BRLTTY Runtime Library Search Path Local Privilege Escalation Vulnerability

BRLTTY is prone to an local privilege-escalation vulnerability.

Attackers can leverage this issue to gain elevated privileges on the affected application.

Exploit / POC

BRLTTY Runtime Library Search Path Local Privilege Escalation Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

BRLTTY Runtime Library Search Path Local Privilege Escalation Vulnerability

Solution:
Updates are available. Please see the references for more information.

Mandriva Linux Mandrake 2008.0 x86_64

Mandriva brltty-3.7.2-6.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64brlapi0.4.1_0-3.7.2-6.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64brlapi0.4.1_0-devel-3.7.2-6.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2008.0

Mandriva brltty-3.7.2-6.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libbrlapi0.4.1_0-3.7.2-6.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libbrlapi0.4.1_0-devel-3.7.2-6.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

References

BRLTTY Runtime Library Search Path Local Privilege Escalation Vulnerability

References:

Vendor Homepage (BRLTTY Team)