Sendfile Local Arbitrary Command Execution as Group 0 Vulnerability

A vulnerability exists in the Sendfile asynchronous file transfer daemon.

Failure by the sendfile daemon (sendfiled) to validate a user-supplied configuration value could allow a local user to execute arbitrary code and gain group 0 privileges.

This may lead to a further compromise on some systems.

Update: There is a serialization error which can result in privileges not being dropped properly. Combined with that behaviour, this vulnerability can be used to obtain root user privileges. Successful exploitation would be a complete system compromise.
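The following C sketch is an added example, not sendfiled code. It shows a privilege drop that is verified before the daemon continues, so that a leftover gid 0 or a regainable root uid is treated as fatal. The names `struct ids`, `check_dropped` and `drop_privileges` and the uid/gid 65534 are assumptions made for illustration; the advisory does not describe the daemon's own drop logic.

```c
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Snapshot of the IDs a process holds (constructed type for this example). */
struct ids { uid_t ruid, euid; gid_t rgid, egid; int ngroups; gid_t groups[8]; };

/* Returns 0 only if every ID in `s` matches the unprivileged target.
 * Any leftover gid 0 (real, effective or supplementary) counts as a failure. */
int check_dropped(const struct ids *s, uid_t uid, gid_t gid)
{
    if (s->ruid != uid || s->euid != uid) return -1;   /* uid not dropped */
    if (s->rgid != gid || s->egid != gid) return -2;   /* gid not dropped */
    for (int i = 0; i < s->ngroups; i++)
        if (s->groups[i] != gid) return -3;            /* inherited group */
    return 0;
}

/* Drop from root to uid/gid. Order matters: groups and gid first, uid last,
 * because once the uid is gone the process may no longer change its gid. */
int drop_privileges(uid_t uid, gid_t gid)
{
    struct ids s;
    if (setgroups(1, &gid) != 0) return -1;     /* clear supplementary groups */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;            /* never ignore this result */
    if (uid != 0 && setuid(0) == 0) return -1;  /* root must not be regainable */

    s.ruid = getuid(); s.euid = geteuid();
    s.rgid = getgid(); s.egid = getegid();
    s.ngroups = getgroups(8, s.groups);
    if (s.ngroups < 0) return -1;
    return check_dropped(&s, uid, gid);
}

int main(void)
{
    /* 65534 is an assumed "nobody" account; the drop needs root to succeed. */
    if (drop_privileges(65534, 65534) != 0) {
        fprintf(stderr, "privilege drop failed, refusing to continue\n");
        return 1;
    }
    puts("running unprivileged");
    return 0;
}
```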


Copyright 2010, SecurityFocus