PT-2021-24116 · Unknown+1 · Tmate-Ssh-Server+1

Matthias Gerstner

Published

2021-12-07

Updated

2022-05-03

CVE-2021-44512

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: tmate-ssh-server version 2.3.0

Description: The issue is related to world-writable permissions on the /tmp/tmate/sessions directory, allowing a local attacker to compromise session handling integrity or obtain a read-write session ID from a read-only session symlink in this directory.

Recommendations: For tmate-ssh-server version 2.3.0, consider changing the permissions of the /tmp/tmate/sessions directory to prevent world-writable access as a temporary workaround until a patch is available. Restrict access to this directory to minimize the risk of exploitation.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2021-44512

Affected Products

Debian

Tmate-Ssh-Server

PT-2021-24116 · Unknown+1 · Tmate-Ssh-Server+1

CVE-2021-44512

Weakness Enumeration

Related Identifiers

Affected Products

References · 11