Bug 289307 - app-emulation/virtualbox-ose-3.0.6*: Security Vulnerability in the VBoxNetAdpCtl Configuration Tool (CVE-2009-3704, CVE-2009-3692)
Status: RESOLVED DUPLICATE of bug 288836
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://sunsolve.sun.com/search/docume...
Whiteboard: B2 [stable]
Reported: 2009-10-16 12:40 UTC by Martin Alexander Neumann
Modified: 2020-04-10 11:36 UTC (History)
Description Martin Alexander Neumann 2009-10-16 12:40:49 UTC
A security vulnerability in the VBoxNetAdpCtl configuration tool for certain
Sun VirtualBox 3.0 packages may allow local unprivileged users who are
authorized to run VirtualBox to execute arbitrary commands with root
privileges.

There are no predictable symptoms to indicate this issue has been exploited to
gain elevated privileges.

This issue is addressed in the following release: Sun VirtualBox 3.0.8 (for all
platforms)

Reproducible: Didn't try
Comment 1 Christian Faulhammer (RETIRED) gentoo-dev 2009-10-18 09:26:06 UTC
From bug 288836

> (In reply to comment #4)
>> >>> Install virtualbox-ose-3.0.8 into /var/tmp/portage/app-emulation/virtualbox-ose-3.0.8/image/ category app-emulation
>> install: cannot stat `vboxwebsrv': No such file or directory
>> !!! doins: vboxwebsrv does not exist
>> 
>> USE=vboxwebsrv fails.
> hi, which version of net-libs/gsoap are you using?

 The current stable 2.7.9f 

Please bring the updated ebuild into Portage and file a stabilisation request for gsoap (will be off in a minute).
Comment 2 Alessio Cassibba (X-Drum) 2009-10-18 18:18:37 UTC
(In reply to comment #1)
>  The current stable 2.7.9f 
> 
> Please bring the updated ebuild into Portage and file a stabilisation request
> for gsoap (will be off in a minute).
> 

Adding Patrick in CC since I cannot commit to the portage tree
(can you please do it for me?), the updated virtualbox-ose-3.0.8-r1 ebuild is located on jokey's overlay[1].

Filed the stabilization request for net-libs/gsoap-2.7.13 bug #289618

[1] http://overlays.gentoo.org/dev/jokey/browser/trunk/app-emulation/virtualbox-ose
Comment 3 Christian Faulhammer (RETIRED) gentoo-dev 2009-10-18 23:03:33 UTC

*** This bug has been marked as a duplicate of bug 288836 ***