FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ppxp -- local root exploit

Affected packages
0 < ppxp
0 < ja-ppxp


VuXML ID 641e8609-cab5-11d9-9aed-000e0c2e438a
Discovery 2005-05-19
Entry 2005-05-22

A Debian Advisory reports:

Jens Steube discovered that ppxp, yet another PPP program, does not release root privileges when opening potentially user supplied log files. This can be tricked into opening a root shell.


CVE Name CVE-2005-0392