Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 uses world-writable permissions for (1) eccert.pl and (2) ecconfigure.pl, which allows local users to execute arbitrary Perl code by modifying these files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Electric Cloud ElectricCommander 权限许可和访问控制漏洞
Vulnerability Description
Electric Cloud ElectricCommander是美国Electric Cloud公司的一套支持对全球性分布的软件开发项目进行编译、测试、发布管理的解决方案。该方案可在实际和虚拟的IT环境中实现分布式开发、自动化测试、编译管理和编译加速等。 Electric Cloud ElectricCommander 4.2.6之前版本和5.0.3之前5.x版本中存在安全漏洞,该漏洞源于eccert.pl和ecconfigure.pl脚本使用全局可写权限。本地攻击者可通过修改文件利用该漏洞执行任意Pe
CVSS Information
N/A
Vulnerability Type
N/A