CVE-2013-6825 Information

Description

(1) movescu.cc and (2) storescp.cc in dcmnet/apps/ (3) dcmnet/libsrc/scp.cc (4) dcmwlm/libsrc/wlmactmg.cc (5) dcmprscp.cc and (6) dcmpsrcv.cc in dcmpstat/apps/ (7) dcmpstat/tests/msgserv.cc and (8) dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and earlier does not check the return value of the setuid system call which allows local users to gain privileges by creating a large number of processes.

Reference

http://git.dcmtk.org/web?p=dcmtk.git;a=blob;f=CHANGES.361 http://packetstormsecurity.com/files/126883/DCMTK-Privilege-Escalation.html http://seclists.org/fulldisclosure/2014/Jun/11 http://secunia.com/advisories/58916 http://www.securityfocus.com/archive/1/532261/100/0/threaded http://www.securityfocus.com/bid/67784