Author: JT Smith
From LinuxSecurity.com: There is a bug in the Guardian Digital WebTool which shipped with
EnGarde Secure Linux version 1.0.1.
EnGarde Secure Linux version 1.0.1.
When the WebTool restarts a service, certain environmental variables
are inherited which should not be, such as the token used to
authenticate the administrator to the WebTool daemon. Anybody who can
view the environment variables of a process can thus get this token,
and potentially root access.
Category:
- Linux