Control: retitle -1 adequate: CVE-2013-6409: privilege escalation via tty hijacking
Hi Jakub, On Thu, Nov 28, 2013 at 10:53:13AM +0100, Jakub Wilk wrote: > Package: adequate > Version: 0.4 > Severity: serious > Tags: security > Justification: user security hole > > If root uses the --user option, then the user can hijack the tty > with the TIOCSTI ioctl. > > This is similar to CVE-2005-4890. I have requested a CVE for this. CVE-2013-6409 was assigned for it. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
