漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
uutils coreutils chmod False Success Exit Code in Recursive Mode
Vulnerability Description
The recursive mode (-R) of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 (success) even if errors were encountered on previous files, such as 'Operation not permitted'. Scripts relying on these exit codes may proceed under a false sense of success while sensitive files remain with restrictive or incorrect permissions.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
对函数返回值的检查不正确
Vulnerability Title
uutils coreutils 安全漏洞
Vulnerability Description
uutils coreutils是Uutils开源的一个跨平台核心命令行工具集。 uutils coreutils存在安全漏洞,该漏洞源于chmod实用程序的递归模式在处理多个文件时错误处理退出代码,最终返回值仅由最后处理的文件成功或失败决定,即使先前文件遇到错误,命令也可能返回退出代码0,依赖这些退出代码的脚本可能在错误成功感下继续执行,而敏感文件仍保留限制性或错误权限。
CVSS Information
N/A
Vulnerability Type
N/A