Описание
The install script in Domain Technologie Control (DTC) before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 0.32.11 (включая)
Одно из
cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*
cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00252
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
почти 12 лет назад
The install script in Domain Technologie Control (DTC) before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges.
debian
почти 12 лет назад
The install script in Domain Technologie Control (DTC) before 0.34.1 g ...
github
больше 3 лет назад
The install script in Domain Technologie Control (DTC) before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges.
EPSS
Процентиль: 48%
0.00252
Низкий
7.5 High
CVSS2
Дефекты
CWE-264