Описание
The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | anaconda | Not affected | ||
| Red Hat Enterprise Linux 6 | anaconda | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-732
https://bugzilla.redhat.com/show_bug.cgi?id=819031anaconda: Weak permissions by writing password configuration file in bootloader configuration module
6.2 Medium
CVSS2
Связанные уязвимости
nvd
больше 13 лет назад
The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
github
больше 3 лет назад
The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
6.2 Medium
CVSS2