Vulnerabilities > Joerg Schilling > Star Tape Archiver
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-23 | CVE-2004-0850 | Local SetUID vulnerability in Joerg Schilling Star Tape Archiver 1.5A45 Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to reference a malicious program. | 7.2 |