opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/OpenRC/opentmpfiles/issues/4 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-10-26T17:58:19
Updated: 2024-08-05T21:45:24.673Z
Reserved: 2020-10-26T00:00:00
Link: CVE-2017-18925
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-10-26T18:15:14.090
Modified: 2020-10-30T18:23:30.623
Link: CVE-2017-18925
Redhat
No data.