Описание
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.1 (исключая)
cpe:2.3:a:fishshell:fish:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00035
Низкий
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-59
Связанные уязвимости
CVSS3: 7.8
ubuntu
почти 8 лет назад
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.
CVSS3: 7.8
debian
почти 8 лет назад
fish before 2.1.1 allows local users to write to arbitrary files via a ...
CVSS3: 7.8
github
больше 3 лет назад
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.
EPSS
Процентиль: 10%
0.00035
Низкий
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-59