2 matches found
CVE-2019-15119
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...
CVE-2019-15119
CVE-2019-15119 affects cnlh/nps prior to 0.23.2 where install.go sets 0777 on /usr/local/bin/nps and/or /usr/bin/nps, enabling a local user to overwrite the file. Connected records corroborate the issue details (world-writable binaries and local overwrite risk). Exploitation details, affected ver...