# | VER | L/R | AUTH | S | REPORTED | TYPE | DESCRIPTION |
01 | 1.322 | L | Y | N | 09/01/2008 | design issue | uid and gid reuse issues |
02 | 1.322 | L | Y | N | 09/03/2008 | symlink | resellers can control any file |
03 | 1.322 | L | Y/N | N | 09/07/2008 | permissions | insecure default majordomo setup |
04 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
05 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
06 | 1.351 | L | Y | N | unreported | undisclosed | XSS |
07 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
08 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
09 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
10 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
11 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
12 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
13 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
14 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
15 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
16 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
17 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
18 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
19 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
20 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
21 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
22 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
23 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
24 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
25 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
26 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
27 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
28 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
29 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain sensitive info |
30 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
31 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
32 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
33 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
34 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
35 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can destroy data |
36 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
37 | 1.351 | L | Y | N | unreported | undisclosed | local users can obtain sensitive info |
38 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
39 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
40 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
41 | 1.351 | L | Y | N | unreported | undisclosed | local users can obtain sensitive info |
42 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can destroy data |
43 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
44 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
45 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
46 | 1.351 | L | Y | N | unreported | undisclosed | local DA users can obtain root privs |
Trivial | very minor issues |
Low | XSS, info leaks |
Medium | destructive actions, access others' accounts |
High | local root (auth required), /root/.accesshash, /etc/shadow access |
Less Critical | local root (no auth required) |
Critical | remote root (no auth required) |
L/R | Local/Remote |
Auth | Authentication required |
S | Bug found via source code review |