PT-2015-4976 · Labtech · Labtech
Iwan Boskamp
·
Publicado
2015-02-01
·
Atualizado
2015-02-03
·
CVE-2015-0926
CVSS v2.0
6.8
Média
| Vetor | AV:L/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Labtech versions prior to 100.237
Description
The issue allows local users to gain privileges by modifying a script file due to world-writable permissions for root-executed scripts on Linux.
Recommendations
For versions prior to 100.237, update to version 100.237 or later to resolve the issue. As a temporary workaround, consider restricting write access to the script files to prevent unauthorized modifications.
Correção
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Labtech