Caldera Dump Package rmt Local Privilege Escalation
Local Access Required
Attack Type Unknown
Loss of Confidentiality,
Loss of Integrity,
Loss of Availability
Dump contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to the rmt program in the dump package having serveral security problems. No further details have been provided. This flaw may allow a local attacker to obtain super user privilege, resulting in a loss of confidentiality, integrity and avaiability.
Upgrade to version 0.4b4-3 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): Disable the setuid bit on /sbin/rmt