CVE-2013-6889

CVE-2013-6889

EPSS 0.5%

GNU Rush 1.7 does not properly drop privileges, which allows local users to read arbitrary files via the --lint option.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://git.gnu.org.ua/gitweb?p=rush.git%3Ba=commit%3Bh=00bdccd429517f12dbf37ab4397ddec3e51a2738 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733505