Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-gc95-jc79-5q6h

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 8.1

Описание

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)

Ссылки

EPSS

Процентиль: 90%
0.05192
Низкий

8.1 High

CVSS3

CVE ID

CVE-2020-7040

Дефекты

CWE-59

Связанные уязвимости

ubuntu логотип

CVE-2020-7040

CVSS3: 8.1
ubuntu
около 6 лет назад

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)

nvd логотип

CVE-2020-7040

CVSS3: 8.1
nvd
около 6 лет назад

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)

debian логотип

CVE-2020-7040

CVSS3: 8.1
debian
около 6 лет назад

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBack ...

suse-cvrf логотип

openSUSE-SU-2020:0119-1

suse-cvrf
около 6 лет назад

Security update for storeBackup

EPSS

Процентиль: 90%
0.05192
Низкий

8.1 High

CVSS3

CVE ID

CVE-2020-7040

Дефекты

CWE-59