Published: 11/02/2022 Updated: 22/02/2022

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

It exists, that debian-edu-config, a set of configuration files used for the Debian Edu blend, prior to 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
skolelinux debian-edu-config
debian debian linux 9.0
debian debian linux 10.0
debian debian linux 11.0

Marcel Neumann, Robert Altschaffel, Loris Guba and Dustin Hermann discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation If PHP functionality is needed for the user web shares, please refer to / ...

CWE-276 https://salsa.debian.org/debian-edu/debian-edu-config/-/commit/4d39a5888d193567704238f8c035f8d17cfe34e5 https://lists.debian.org/debian-lts-announce/2022/02/msg00012.html https://lists.debian.org/debian-security-announce/2022/msg00039.html https://www.debian.org/security/2022/dsa-5072 https://nvd.nist.gov https://www.debian.org/security/2022/dsa-5072

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-20001

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect