Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/httpd to /etc/bash_completion.d. NOTE: this is an issue in the Debian packaging of the Groonga HTTP server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
groonga-httpd 竞争条件问题漏洞
Vulnerability Description
groonga-httpd是一款能够使用HTTP协议与Groonga服务器通信的程序。 groonga-httpd包6.1.5-1版本(Debian)中存在竞争条件问题漏洞。该漏洞源于网络系统或产品在运行过程中,并发代码需要互斥地访问共享资源时,对于并发访问的处理不当。
CVSS Information
N/A
Vulnerability Type
N/A