Umich : Security Vulnerabilities, CVEs, (Code Execution)
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
Max CVSS
6.2
EPSS Score
0.04%
Published
2012-06-21
Updated
2013-03-02
1 vulnerabilities found