vulnerability
Alpine Linux: CVE-2017-9079: Incorrect Permission Assignment for Critical Resource
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | May 19, 2017 | Aug 30, 2017 | Oct 1, 2024 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
May 19, 2017
Added
Aug 30, 2017
Modified
Oct 1, 2024
Description
Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.
Solution
alpine-linux-upgrade-dropbear

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.