CVE-2017-7560
13.09.2017, 17:29
It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes.Enginsight
| Vendor | Product | Version |
|---|---|---|
| redhat | rhnsd | - |
𝑥
= Vulnerable software versions
Ubuntu Releases
Common Weakness Enumeration
- CWE-377 - Insecure Temporary FileCreating and using insecure temporary files can leave application and system data vulnerable to attack.
- CWE-732 - Incorrect Permission Assignment for Critical ResourceThe product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.