漏洞信息详情
Linux 配置错误漏洞
- CNNVD编号:CNNVD-200412-084
- 危害等级: 中危
- CVE编号: CVE-2004-1778
- 漏洞类型: 配置错误
- 发布时间: 2004-12-22
- 威胁类型: 本地
- 更新时间: 2022-02-10
- 厂 商: skype_technologies
- 漏洞来源: is credited for the discovery of this issue.');">Peter Conrad <>
漏洞简介
Linux是美国Linux基金会的开源操作系统。
Linux 存在配置错误漏洞,该漏洞源于 Linux 的kype 0.92.0.12和1.0.0.1及可能的其他版本创建带有全域可写权限的/usr/share/skype/lang目录,本地用户利用该漏洞修改语言文件也可能进行社会工程或其他攻击。
漏洞公告
It has been reported that Skype 1.0.0.7 is not vulnerable to this issue, although this is not confirmed. Users are advised to contact the vendor for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
参考网址
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/18644
来源:BUGTRAQ
链接:http://marc.info/?l=bugtraq&m=110868557905786&w=2
来源:BID
链接:https://www.securityfocus.com/bid/12081
来源:BUGTRAQ
链接:http://marc.info/?l=bugtraq&m=110374568916303&w=2
受影响实体
- Skype_technologies Skype:1.0.0.1
- Skype_technologies Skype:0.92.0.12
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论