Multiple Vendor Linux Usermode Package Vulnerability

A vulnerability exists in the usermode package shipped with various Linux distributions. It has been discovered that proper authentication does not occur when a local user invokes the 'shutdown' utility to enter 'single user' mode. Once 'single user' mode has been entered, the unauthorized user will have gained root privileges.


 

Privacy Statement
Copyright 2010, SecurityFocus