Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kaspersky Anti-Virus后置链接漏洞
Vulnerability Description
Kaspersky Anti-Virus是卡巴斯基公司出品的首屈一指的杀毒软件。 基于Unix/Linux文件服务器5.0-5版本的Kaspersky Anti-Virus将日志和许可目录的权限设置为通用可写入。本地用户可借助kavmonitor.log上的符号链接攻击删除日志文件,附加任意文件,或删除许可密钥及阻止keepup2date的正确执行。
CVSS Information
N/A
Vulnerability Type
N/A