vulnerability

Alpine Linux: CVE-2017-9079: Incorrect Permission Assignment for Critical Resource

Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
May 19, 2017
Added
Aug 30, 2017
Modified
Oct 1, 2024

Description

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.

Solution

alpine-linux-upgrade-dropbear
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.