Описание
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within directories created by a script, or (2) read files created by a script, via standard filesystem system calls.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:2.0.10-1ubuntu3 |
| hardy | ignored | end of life |
| lucid | released | 1.0.10-5ubuntu2.5 |
| maverick | released | 1.0.10-5ubuntu4.4 |
| natty | released | 1:2.0.7-1ubuntu2.4 |
| oneiric | released | 1:2.0.10-1ubuntu2.3 |
| upstream | not-affected | 1:2.0.13-1 |
Показывать по
4.6 Medium
CVSS2
Связанные уязвимости
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within directories created by a script, or (2) read files created by a script, via standard filesystem system calls.
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within directories created by a script, or (2) read files created by a script, via standard filesystem system calls.
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropria ...
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within directories created by a script, or (2) read files created by a script, via standard filesystem system calls.
Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
4.6 Medium
CVSS2