2 matches found
CVE-2023-23558
In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. For example, a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file, or modify the information in tha...
CVE-2023-23558
CVE-2023-23558 : In Eternal Terminal 6.2.1, TelemetryService uses fixed paths under /tmp. An attacker with local access can pre-create /tmp/.sentry-native-etserver (mode 0777) before etserver starts, enabling reading or modification of that file. This leads to potential information disclosure and...