RSS   Vulnerabilities for 'Tmate-ssh-server'   RSS

2021-12-07
 
CVE-2021-44512

CWE-281
 

 
World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory.

 
 
CVE-2021-44513

CWE-362
 

 
Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling.

 


Copyright 2024, cxsecurity.com

 

Back to Top