Описание
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 0.3.4-1.1 |
| hardy | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 0.3.1-1ubuntu1.2 |
| maverick | released | 0.3.4-1ubuntu0.1 |
| upstream | released | 0.3.4-1.1 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 15%
0.00048
Низкий
6.9 Medium
CVSS2
Связанные уязвимости
nvd
около 15 лет назад
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
debian
около 15 лет назад
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PA ...
github
больше 3 лет назад
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
EPSS
Процентиль: 15%
0.00048
Низкий
6.9 Medium
CVSS2