漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16134.
CVSS Information
N/A
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Vulnerability Title
Parallels Access 安全漏洞
Vulnerability Description
Parallels Access是美国Parallels公司的一个平行访问应用程序。能够从任何地方对您的计算机进行最快、最简单、最可靠的远程访问。 Parallels Access 6.5.4 (39316)版本存在安全漏洞,该漏洞源于。此漏洞允许本地攻击者在受影响的Parallels Access安装中提升权限。攻击者必须首先获得在目标系统上执行低权限代码的能力,才能利用此漏洞。具体漏洞存在于Parallels服务中。通过创建符号链接,攻击者可以滥用该服务来执行文件。攻击者可利用此漏洞提升权限并在SYS
CVSS Information
N/A
Vulnerability Type
N/A