Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Superuser "su --daemon" vulnerability on Android >= 4.3
Nov 13 2013 07:27PM
Kevin Cernekee (cernekee gmail com)
Current releases of the CyanogenMod/ClockWorkMod/Koush Superuser
package may allow restricted local users to execute arbitrary commands
as root in certain, non-default device configurations.
Android 4.3 introduced the concept of "restricted profiles," created
through the Settings -> Users menu. A ...
[ more ]
Copyright 2010, SecurityFocus