Privilege Escalation via Shell Metacharacters in mntd Configuration File

Privilege Escalation via Shell Metacharacters in mntd Configuration File

CVE-2004-2610 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerability because there is not necessarily any common usage in which privilege boundaries are crossed. Typical usage would restrict write access to the configuration file.

Learn more about our User Device Pen Test.