Privilege Escalation via Ownership and Permissions Test Bypass in Tunnelblick
CVE-2012-3484 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determine whether a program can be safely executed, which allows local users to bypass intended access restrictions and gain privileges via a (1) user-mountable image or (2) network share.
Learn more about our Network Penetration Testing.