Privilege Escalation in Tunnelblick by OpenVPN Technology
CVE-2012-3484

Currently unrated

Key Information:

Vendor

Google
Status
Tunnelblick
Vendor
CVE Published:
26 August 2012

What is CVE-2012-3484?

Tunnelblick versions 3.3beta20 and earlier allow local users to bypass intended access restrictions due to insufficient checks on ownership and permissions for executables. This vulnerability enables users to execute arbitrary programs via a user-mountable image or a network share, potentially compromising system integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2012/08/14/1
mailing-listx_refsource_MLIST
http://code.google.com/p/tunnelblick/issues/detail?id=212
x_refsource_CONFIRM
http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.