logo
DATABASE RESOURCES PRICING ABOUT US

CentOS 8 : trousers (CESA-2021:1627)

Description

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1627 advisory. - trousers: fails to drop the root gid privilege when no longer needed (CVE-2020-24330) - trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (CVE-2020-24331) - trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (CVE-2020-24332) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related