FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gnutls -- file overwrite by setuid programs

Affected packages
3.4.12 <= gnutls < 3.4.13

Details

VuXML ID 9c196cfd-2ccc-11e6-94b0-0011d823eebd
Discovery 2016-06-06
Entry 2016-06-07

gnutls.org reports:

Setuid programs using GnuTLS 3.4.12 could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem.

References

URL https://gnutls.org/security.html#GNUTLS-SA-2016-1