Описание
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:chetcpasswd:chetcpasswd:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:chetcpasswd:chetcpasswd:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:chetcpasswd:chetcpasswd:2.4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00056
Низкий
6.2 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 22 лет назад
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2. ...
github
больше 3 лет назад
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.
EPSS
Процентиль: 17%
0.00056
Низкий
6.2 Medium
CVSS2
Дефекты
NVD-CWE-Other