Required CVE Record Information
Description
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- seclists.org: 20160725 SEC Consult SA-20160725-0 :: Multiple vulnerabilities in Micro Focus (Novell) Filr mailing-listx_transferred
- https://www.novell.com/support/kb/doc.php?id=7017689 x_transferred
- exploit-db.com: 40161 exploitx_transferred
- securityfocus.com: 92113 vdb-entryx_transferred