Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Globus Toolkit symlink攻击敏感信息泄露漏洞
Vulnerability Description
2006年8月15日之前发布的Globus Toolkit 3.2.x,4.0.x和4.1.0版本允许本地用户借助对/tmp目录下的临时文件发起symlink攻击,来获取敏感信息(代理服务器证书),并覆盖任意文件。如通过由(1) myproxy-admin-adduser,(2) grid-ca-sign和 (3) grid-security-config创建的文件。
CVSS Information
N/A
Vulnerability Type
N/A