Unchecked Return Value in setuid Function Allows Privilege Escalation in Super 3.30.0

CVE-2014-0470 · HIGH Severity

CVSS vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack.
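The defect class described above, shown as an added example (not code from Super or from this advisory): an unchecked privilege drop beside a checked one. The function names, the `setuid_fn` seam, the stubs and the uid 1000 are hypothetical and constructed for illustration; the failing stub mimics the `-1`/`EAGAIN` result that setuid(2) documents for a process-limit failure.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical seam so the failure path can be exercised without root;
 * real code would call setuid() directly. */
typedef int (*setuid_fn)(uid_t);

/* Constructed stub: fails as setuid(2) documents for a process-limit
 * failure (returns -1, errno = EAGAIN); the caller's uid is unchanged. */
static int setuid_eagain(uid_t uid) { (void)uid; errno = EAGAIN; return -1; }

/* Constructed stub: reports success for any uid. */
static int setuid_ok(uid_t uid) { (void)uid; return 0; }

/* Unchecked pattern: the result is discarded, so the caller is told to
 * proceed (0) even though privileges were never dropped. */
static int drop_unchecked(uid_t target, setuid_fn do_setuid)
{
    do_setuid(target);
    return 0;
}

/* Checked pattern: a failed drop is reported (-1) and the caller must
 * abort instead of running the requested command. */
static int drop_checked(uid_t target, setuid_fn do_setuid)
{
    if (do_setuid(target) != 0) {
        perror("setuid");
        return -1;
    }
    return 0;
}

int main(void)
{
    /* 1000 is a constructed sample uid. */
    printf("unchecked, setuid fails: %d\n", drop_unchecked(1000, setuid_eagain));
    printf("checked,   setuid fails: %d\n", drop_checked(1000, setuid_eagain));
    /* Real call: setting our own uid is permitted for any user. */
    return drop_checked(getuid(), setuid) == 0 ? 0 : 1;
}
```

When reviewing setuid-root programs, treat every `setuid`, `setgid`, `seteuid` and `setgroups` call whose result is discarded as a finding of this class.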
