CVE-2010-2929 Information

Description

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable which is used during execution of the (1) route (2) mv and (3) cp programs a different vulnerability than CVE-2010-1671.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590670 http://ftp.de.debian.org/debian/pool/main/h/hsolink/hsolink_1.0.118.orig.tar.gz http://osvdb.org/66837 https://exchange.xforce.ibmcloud.com/vulnerabilities/60877