Vserver » Util-vserver : Security Vulnerabilities, CVEs,
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities.
Max CVSS
7.5
EPSS Score
0.04%
Published
2005-12-31
Updated
2017-07-20
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root.
Max CVSS
7.2
EPSS Score
0.04%
Published
2006-04-06
Updated
2008-09-05
2 vulnerabilities found