Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GForge authorized_keys文件任意文件复写漏洞
Vulnerability Description
GForge是一款PHP开源协同开发软件平台。GForge 4.5.14, 4.7 rc2,以及4.8.2允许本地用户借助对用户主页authorized_keys文件的symlink攻击复写任意文件,与deb-specific/ssh_dump_update.pl和cronjobs/cvs-cron/ssh_create.php相关。
CVSS Information
N/A
Vulnerability Type
N/A