Bug ID 1234688
Summary VUL-0: CVE-2024-54662: dante: incorrect access control for some sockd.conf configurations
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.6
Hardware Other
URL https://smash.suse.de/issue/433220/
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter smash_bz@suse.de
QA Contact security-team@suse.de
CC abergmann@suse.com
Target Milestone ---
Found By Security Response Team
Blocker ---

Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for
some sockd.conf configurations involving socksmethod.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-54662
https://www.cve.org/CVERecord?id=CVE-2024-54662
https://www.inet.no/dante/
https://www.inet.no/dante/advisory-2024-12-16.txt
https://bugzilla.redhat.com/show_bug.cgi?id=2332886


You are receiving this mail because: