Описание
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions.
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-1200
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100207
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3UCBCIN6M5EXFET4RGQTVSSL5S57XCH
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBKV7AT6O3FGQ735PFOGQ4Q5VODMSHE5
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XDCG7YJRDOR66V3WJDQPLMFSDULQDADC
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3UCBCIN6M5EXFET4RGQTVSSL5S57XCH
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBKV7AT6O3FGQ735PFOGQ4Q5VODMSHE5
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XDCG7YJRDOR66V3WJDQPLMFSDULQDADC
- http://seclists.org/oss-sec/2015/q1/177
- http://www.securityfocus.com/bid/72101
Связанные уязвимости
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions.
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions.
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for t ...