Описание
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Одновременно
Одновременно
EPSS
8.5 High
CVSS2
Дефекты
Связанные уязвимости
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors.
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effectiv ...
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors.
EPSS
8.5 High
CVSS2