parsec: dangerous 777 permissions for /run/parsec
CVE-2021-36781

5.9MEDIUM

Key Information:

Vendor: Opensuse
Status: Factory
Vendor: CVE Published:; 14 January 2022

What is CVE-2021-36781?

A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Factory parsec < 0.8.1-1.1

References

https://bugzilla.suse.com/show_bug.cgi?id=1193484

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2022
Vulnerability Reserved
Jul 19, 2021

Credit

Matthias Gerstner of SUSE

JSON

Opensuse