Vulnerability Information
Vulnerability Title
DIRAC: Unauthorized users can read proxy contents during generation
Vulnerability Description
DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process (e.g., when using `dirac-proxy-init`), it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then perform any action that is possible with the original proxy. This vulnerability only exists for a short period of time (sub-millisecond) during the generation process. Version 8.0.41 contains a patch for the issue. As a workaround, setting the `X509_USER_PROXY` environment variable to a path inside a directory that is readable only by the current user avoids the potential risk. After the file has been written, it can be safely copied to the standard location (`/tmp/x509up_uNNNN`).
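The workaround described above, sketched as a POSIX shell helper. This is an added example, not part of the advisory or of DIRAC's code. The function name `make_proxy_privately` is an assumption, and the final copy is routed through a `mktemp`-created file so that the destination is never readable by other users while it is being written.

```shell
# Added example; make_proxy_privately is a hypothetical helper name.
# Usage: make_proxy_privately "/tmp/x509up_u$(id -u)" dirac-proxy-init
make_proxy_privately() {
    dest=$1; shift
    # mktemp -d creates the directory with mode 0700, so only the current
    # user can reach anything the generator writes inside it.
    stage=$(mktemp -d) || return 1
    (
        umask 077
        X509_USER_PROXY="$stage/proxy"
        export X509_USER_PROXY
        "$@"                      # the proxy-generating command
    ) || { rm -rf "$stage"; return 1; }
    # Refuse to publish an empty or missing proxy.
    if [ ! -s "$stage/proxy" ]; then
        rm -rf "$stage"; return 1
    fi
    # Publish without recreating the exposure: mktemp creates the temporary
    # file with mode 0600 before any data is written, and mv renames it
    # over the destination (replacing any older, looser-permission file).
    tmp=$(mktemp "$dest.XXXXXX") || { rm -rf "$stage"; return 1; }
    if cat "$stage/proxy" > "$tmp" && mv -f "$tmp" "$dest"; then
        rm -rf "$stage"
        return 0
    fi
    rm -f "$tmp"; rm -rf "$stage"
    return 1
}
```

Upgrading to 8.0.41 or later removes the need for this wrapper.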
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
Vulnerability Type
Exposure of Resource to Wrong Sphere
Vulnerability Title
DIRAC security vulnerability
Vulnerability Description
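DIRAC is an open-source software framework for distributed computing from the DIRAC Project. Versions of DIRAC prior to 8.0.41 contain a security vulnerability that stems from the possibility that unauthorized users can gain read access to the proxy, allowing the user to perform any action that the original proxy could perform.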
CVSS Information
N/A
Vulnerability Type
N/A