CVE-2021-43414
published 2021-11-07CVE-2021-43414: An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks…
high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | hurd | < hurd 1:0.9.git20210404-9 (sid) | hurd 1:0.9.git20210404-9 (sid) |
| gnu | hurd | < 0.9.20210404-9 | 0.9.20210404-9 |