Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Micro Focus Cobol本地任意命令执行漏洞
Vulnerability Description
Micro Focus Cobol是一款由Merant开发的Unix平台下的开发套件。 当Micro Focus Cobol的'Apptrack'功能使用的时候某个脚本以不安全文件权限安装,本地攻击者可以利用这个漏洞提升权限。 如果Micro Focus Cobol的'Apptrack'功能开启的情况下,/var/mfaslmf以777模式安装,/var/mfaslmf/nolicense以666模式安装,nolicense包含如下脚本: # Append into a logfile if test !
CVSS Information
N/A
Vulnerability Type
N/A