Описание
The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:steven_schaefer:sophster:0.9.5_r8:*:*:*:*:*:*:*
cpe:2.3:a:steven_schaefer:sophster:0.9.5_r10:*:*:*:*:*:*:*
cpe:2.3:a:steven_schaefer:sophster:0.9.5_r12:*:*:*:*:*:*:*
cpe:2.3:a:steven_schaefer:sophster:0.9.5_r15:*:*:*:*:*:*:*
cpe:2.3:a:steven_schaefer:sophster:0.9.6_r1:*:*:*:*:*:*:*
cpe:2.3:a:steven_schaefer:sophster:0.9.6_r2:*:*:*:*:*:*:*
cpe:2.3:a:steven_schaefer:sophster:0.9.6_r3:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00056
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities.
EPSS
Процентиль: 17%
0.00056
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other