Results 1 to 3 of 3
  1. #1
    Untangle Ninja YeOldeStonecat's Avatar
    Join Date
    Aug 2007

    Default PwnKit exploit for *nix CVE-2021-4034 and Untangle

    Quite a few clients (esp those under compliance) are asking about this...and if Untangle is affected, if so, the steps to remedy...
    mikeyscott likes this.
    Resident "Geek on a Harley" in Southeast Connecticut, USA.

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Lake Tahoe


    The package affected is not loaded on NGFW. Secondly the exploit requires local access to execute. Local access is root only so it does not matter since if they are on your box, they are already root.
    nowebpresence likes this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Phoenix, AZ


    Yeah, I just went through this myself this morning and I concur with JCoffin's assessment.

    The exploit requires local access, which means root access is already attained. So this is yet another instance of you'd have to hack the box, to hack the box... It's a non-issue.
    Rob Sandling, BS:SWE, MCP
    Phone: 866-794-8879 x201

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2