DEBIAN-CVE-2013-6825
- Source
- https://security-tracker.debian.org/tracker/CVE-2013-6825
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2013-6825.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2013-6825
- Upstream
- Published
- 2014-06-10T14:55:09.083Z
- Modified
- 2025-11-19T02:02:50.675672Z
- Summary
- [none]
- Details
-
(1) movescu.cc and (2) storescp.cc in dcmnet/apps/, (3) dcmnet/libsrc/scp.cc, (4) dcmwlm/libsrc/wlmactmg.cc, (5) dcmprscp.cc and (6) dcmpsrcv.cc in dcmpstat/apps/, (7) dcmpstat/tests/msgserv.cc, and (8) dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by creating a large number of processes.
- References
Affected packages
Debian:11 / dcmtk
Package
- Name
- dcmtk
- Purl
- pkg:deb/debian/dcmtk?arch=source
Debian:12 / dcmtk
Package
- Name
- dcmtk
- Purl
- pkg:deb/debian/dcmtk?arch=source
Debian:13 / dcmtk
Package
- Name
- dcmtk
- Purl
- pkg:deb/debian/dcmtk?arch=source
Debian:14 / dcmtk
Package
- Name
- dcmtk
- Purl
- pkg:deb/debian/dcmtk?arch=source