CVE-2020-15703 – There is no input validation on the Locale property in an apt transaction. An unprivileged …

31 October 2020

Vuln ID: CVE-2020-15703

Published: 2020-10-31 04:15:10Z

Description: There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root.

Source: NVD.NIST.GOV

Date:

31 October 2020

Categorie(s):

NVD

Tag(s):

NVD

Check Point delivers strong quarterly revenue growth but stock drops26 April 2024
Rubrik IPO signals potential cybersecurity-led tech market revival25 April 2024
Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024
Cops cuff man for allegedly framing colleague with AI-generated hate speech clip25 April 2024
After a 19-month saga, Broadcom finally patches Brocade SANnav bugs25 April 2024