Vulnerability CVE-2020-36772


Published: 2024-01-22

Description:
CloudLinux
CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to
the sendmail proxy command. This allows local users to read and write
arbitrary files outside the CageFS environment in a limited way.

See advisories in our WLB2 database:
Topic
Author
Date
High
CloudLinux CageFS 7.0.8-2 Insufficiently Restricted Proxy Command
David Gnedt
26.01.2024

 References:
https://blog.cloudlinux.com/lve-manager-lve-stats-lve-utils-and-alt-python27-cllib-have-been-rolled-out-to-100

Copyright 2024, cxsecurity.com

 

Back to Top