CVE-2017-8849 - log back

CVE-2017-8849 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Privilege escalation
Description
+ Smb4k <= 2.0.0 contains a logic flaw in which mount helper binary does not properly verify the mount command it is being asked to run. This allows calling any other binary as root since the mount helper is typically installed as suid.
References
+ https://www.kde.org/info/security/advisory-20170510-2.txt
+ http://seclists.org/oss-sec/2017/q2/240
+ https://commits.kde.org/smb4k/a90289b0962663bc1d247bbbd31b9e65b2ca000e
Notes