xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
oryginał ENCVSS Vector
AV:L/AC:M/Au:N/C:P/I:P/A:PSUSE Opensuse
OSSuse10.2SUSE Linux
OSSuse1.01010.010.110.288.09.09.19.29.3SUSE Linux Openexchange Server
APPSuse4.0SUSE Linux School Server
APPSusegoldSUSE Linux Standard Server
APPSuse8.0SUSE Open Enterprise Server
APPSuse9SUSE United Linux
OSSuse1.0Xfsdump
APPXfsdump2.2.38
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje
Powiązane podatności
CVE-2011-0469CRITICAL9.8ten sam produkt
Code injection in openSUSE when running some source services used in the open build service 2.1 before March 1...
CVE-2002-0083CRITICAL9.8ten sam produkt
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious serve...
CVE-1999-0426CRITICAL9.8ten sam produkt
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
CVE-2024-12085HIGH7.5ten sam produkt
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an att...
CVE-2017-3224HIGH8.2ten sam produkt
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LS...