exploitDog

GHSA-5h99-8m23-j8rf

Опубликовано: 30 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.

sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.

Ссылки

EPSS

Процентиль: 25%

0.00083

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-281

Связанные уязвимости

CVE-2001-0195

CVSS3: 7.8

nvd

почти 25 лет назад

sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.

EPSS

Процентиль: 25%

0.00083

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-281