CVE-2005-3268

CVE-2005-3268

EPSS 0.4%

yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334616 http://secunia.com/advisories/17242 http://www.osvdb.org/20074 http://www.securityfocus.com/bid/15140