PT-2021-22703 · Octorpki +1 · Octorpki +1
Name of the Vulnerable Software and Affected Versions: octorpki versions up to 1.4.1 Description: The issue arises when octorpki uses the "-a" flag with rsync, which forces the copying of binaries with the suid bit set as root. Given that the service definition defaults to root, this could...