![]() An issue was discovered in versions prior to 0.2.1 where usernames containing the `.` and `/` characters could result in the corruption of specific files on the filesystem. These files are named according to the username from which the sudo attempt is made (the origin user). ![]() Supporting this functionality is a set of session files (timestamps) for each user, stored in `/var/run/sudo-rs/ts`. Only once a configurable timeout has passed will the user have to re-authenticate themselves. Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group. ![]() ![]() The identifier VDB-238637 was assigned to this vulnerability. The exploit has been disclosed to the public and may be used. The manipulation of the argument filePath leads to path traversal. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.Ī vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807. Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1. ![]() The associated identifier of this vulnerability is VDB-239863. The manipulation of the argument activepath leads to absolute path traversal. Affected by this vulnerability is an unknown functionality of the file /include/dialog/select_templets_post.php. A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |