Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Secunia CSI Agent‘/etc/csia_config.xml’不安全文件权限漏洞
Vulnerability Description
Secunia CSI(Corporate Software Inspector)是丹麦Secunia公司的一款安全漏洞扫描器,它主要用于评估运行在微软Windows PC中的应用程序的安全状态,并对漏洞进行修复。 Secunia CSI Agent中存在安全漏洞,该漏洞源于当运行在Red Hat Linux平台时,程序对/etc/csia_config.xml文件使用全局可读和全局可写权限。本地攻击者可通过修改此文件利用该漏洞更改CSI Agent配置。以下版本受到影响:Secunia CSI Agen
CVSS Information
N/A
Vulnerability Type
N/A