Описание
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bareftp:bareftp:0.3.4:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00048
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
ubuntu
около 15 лет назад
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
debian
около 15 лет назад
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PA ...
github
больше 3 лет назад
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
EPSS
Процентиль: 15%
0.00048
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-20