BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Superuser "su --daemon" vulnerability on Android >= 4.3 Nov 13 2013 07:27PM
Kevin Cernekee (cernekee gmail com)
Current releases of the CyanogenMod/ClockWorkMod/Koush Superuser
package may allow restricted local users to execute arbitrary commands
as root in certain, non-default device configurations.

Android 4.3 introduced the concept of "restricted profiles," created
through the Settings -> Users menu. A ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus