Описание
Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the symbolic link check occurs. NOTE: this is due to an incomplete fix for CVE-2008-1569.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 0.1.14.17-1 |
| edgy | DNE | |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | released | 0.1.14.17-1 |
| intrepid | released | 0.1.14.17-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6.9 Medium
CVSS2
Связанные уязвимости
Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the symbolic link check occurs. NOTE: this is due to an incomplete fix for CVE-2008-1569.
Race condition in the create_lockpath function in policyd-weight 0.1.1 ...
Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the symbolic link check occurs. NOTE: this is due to an incomplete fix for CVE-2008-1569.
Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.9 Medium
CVSS2