exploitDog

GHSA-pp9m-4p4f-qmx6

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config.

Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config.

Ссылки

EPSS

Процентиль: 13%

0.00044

Низкий

CVE ID

Связанные уязвимости

CVE-2006-4233

nvd

больше 19 лет назад

Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config.

EPSS

Процентиль: 13%

0.00044

Низкий

CVE ID