CVE-2011-3151
SELinux initscript misuse of touch
The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem.
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →