Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2012-08-26T19:00:00
Updated: 2013-12-10T15:57:00
Reserved: 2012-06-14T00:00:00
Link: CVE-2012-3485
JSON object: View
NVD Information
Status : Modified
Published: 2012-08-26T19:55:02.043
Modified: 2013-12-13T05:03:03.297
Link: CVE-2012-3485
JSON object: View
Redhat Information
No data.
CWE