漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gentoo/Debian Linux 权限和访问控制漏洞
Vulnerability Description
当被Gentoo和Debian Linux使用时,ftpd会在运行/bin/ls前将gid设置成有效的uid而不是有效的群id,这使得远程认证用户可以列出含有gid 0特权的任意目录以及可能激活额外的攻击向量。
CVSS Information
N/A
Vulnerability Type
N/A