openCryptoki prior to 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opencryptoki project opencryptoki 2.3.3 |
||
opencryptoki project opencryptoki 2.2.7 |
||
opencryptoki project opencryptoki 2.2.4 |
||
opencryptoki project opencryptoki 2.2.3 |
||
opencryptoki project opencryptoki 2.2.8 |
||
opencryptoki project opencryptoki 2.2.5 |
||
opencryptoki project opencryptoki 2.3.1 |
||
opencryptoki project opencryptoki |
||
opencryptoki project opencryptoki 2.2.4.1 |
||
opencryptoki project opencryptoki 2.3.2 |
||
opencryptoki project opencryptoki 2.3.0 |
||
opencryptoki project opencryptoki 2.2.6 |