Описание
bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.7 (включая)
cpe:2.3:a:jetico:bestcrypt:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.
EPSS
Процентиль: 19%
0.00061
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other