PT-2018-4053 · Red Hat · Gofer
Kurt Seifried
·
Publicado
2018-05-04
·
Atualizado
2018-06-07
·
CVE-2012-5628
CVSS v2.0
3.6
Baixa
| Vetor | AV:L/AC:L/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
gofer versions prior to 0.68
Description
The issue allows local users to cause a denial of service by removing journal entries due to world-writable permissions for /var/lib/gofer/journal/watchdog.
Recommendations
For versions prior to 0.68, update to version 0.68 or later to resolve the issue. As a temporary workaround, consider restricting write access to the /var/lib/gofer/journal/watchdog directory to prevent unauthorized removal of journal entries.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gofer