Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200506-05] SilverCity: Insecure file permissions


Vulnerability Assessment Details

[GLSA-200506-05] SilverCity: Insecure file permissions

Vulnerability Assessment Summary
SilverCity: Insecure file permissions

Detailed Explanation for this Vulnerability Assessment
The remote host is affected by the vulnerability described in GLSA-200506-05
(SilverCity: Insecure file permissions)


The SilverCity package installs three executable files with
insecure permissions.

Impact

A local attacker could modify the executable files, causing
arbitrary code to be executed with the permissions of an unsuspecting
SilverCity user.

Workaround

There are no known workarounds at this time.


Solution:
All SilverCity users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/silvercity-0.9.5-r1"


Network Security Threat Level: Medium


Networks Security ID:

Vulnerability Assessment Copyright: (C) 2005 Michel Arboi

Cables, Connectors

Lenovo Brand New Genuine VIUU3 LCD Cable 40P part # 90204408
$7.31
Lenovo Brand New Genuine VIUU3 LCD Cable 40P part # 90204408 pictureBrand New Genuine LENOVO 4 CELL BATTERY part # 5B10K10181
$58.51
Brand New Genuine LENOVO 4 CELL BATTERY part # 5B10K10181 pictureIBM LSI Logic SAS3445E-R RAID Controller Card Desktop 3Gb/s 44E8701 L3-25139-00F
$71.05
IBM LSI Logic SAS3445E-R RAID Controller Card Desktop 3Gb/s 44E8701 L3-25139-00F pictureLenovo Thinkpad USB 3.0 Docking Station DU9019D1 0A33970 for X1 T460 T560 T450
$47.99
Lenovo Thinkpad USB 3.0 Docking Station DU9019D1 0A33970 for X1 T460 T560 T450 picture


Discussions

No Discussions have been posted on this vulnerability.