EnGarde: ‘WebTool’ environment vulnerability

May 30, 2001

Author: JT Smith

From LinuxSecurity.com: There is a bug in the Guardian Digital WebTool which shipped with
EnGarde Secure Linux version 1.0.1.

When the WebTool restarts a service, certain environmental variables
are inherited which should not be, such as the token used to
authenticate the administrator to the WebTool daemon. Anybody who can
view the environment variables of a process can thus get this token,
and potentially root access.

Category:

Linux

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR