← back
CVE-2016-1611

CVE-2016-1611

EPSS 1.2%
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/40161/unverifiedexploitdbwww.exploit-db.com/exploits/40161unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/bugtraq/2016/Jul/119https://www.exploit-db.com/exploits/40161/https://www.novell.com/support/kb/doc.php?id=7017689http://www.securityfocus.com/bid/92113