World Writable Permissions in eXtplorer Allows Local File Manipulation by Unauthorized Users
CVE-2012-3454

Currently unrated

Key Information:

Vendor

Extplorer

Status
Extplorer
Vendor
CVE Published:
7 August 2012

What is CVE-2012-3454?

The eXtplorer application version 2.1.0b6 creates a directory with world writable permissions at /var/lib/extplorer/ftp_tmp. This misconfiguration allows local users to manipulate sensitive files by deleting or overwriting them, posing a significant risk to system integrity and data security.

References

http://www.securityfocus.com/bid/54801
vdb-entryx_refsource_BID
http://www.openwall.com/lists/oss-security/2012/08/03/7
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.