RSS   Vulnerabilities for 'Opentmpfiles'   RSS

2020-10-26
 
CVE-2017-18925

CWE-59
 

 
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.

 
2018-02-14
 
CVE-2017-18188

CWE-59
 

 
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.

 


Copyright 2024, cxsecurity.com

 

Back to Top