Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ppc64-diag‘/tmp’文件本地竞争条件漏洞
Vulnerability Description
ppc64-diag是一套Linux系统故障诊断工具。该工具提供数据捕获、错误日志分析和预防性测试等功能。 ppc64-diag 2.6.1版本中存在安全漏洞,该漏洞源于程序对/tmp/diagSEsnap目录使用0775权限,没有正确限制对/tmp/diagSEsnap/snapH.tar.gz文件的访问。本地攻击者可通过读取文件利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A