Improper input validation in Litech Router_advertisement_daemon

CVE-2011-3603

The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (19.7th percentile) — read the EPSS interpretation.

Affected products

Litech Router_advertisement_daemon
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

[oss-security] 20111007 radvd 1.8.2 released with security fixes (mailing-list, x_refsource_MLIST)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_MISC)