Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-36657

Опубликовано: 26 янв. 2023
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:uptimed_project:uptimed:*:*:*:*:*:gentoo:*:*
Версия до 0.4.6 (исключая)

EPSS

Процентиль: 17%
0.00053
Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-59

Связанные уязвимости

ubuntu логотип

CVE-2020-36657

CVSS3: 7.8
ubuntu
около 3 лет назад

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call.

debian логотип

CVE-2020-36657

CVSS3: 7.8
debian
около 3 лет назад

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to t ...

github логотип

GHSA-h9jm-ppr9-845g

CVSS3: 7.8
github
около 3 лет назад

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call.

EPSS

Процентиль: 17%
0.00053
Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-59