The transform_save function in transform.c in Augeas 1.0.0 up to and including 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
augeas augeas 1.0.0 |
||
augeas augeas 1.1.0 |