Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2020-24331
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-13 Aug, 2020 | 17:15
Updated At-07 Nov, 2023 | 03:19

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
trousers_project
trousers_project
>>trousers>>Versions up to 0.3.14(inclusive)
cpe:2.3:a:trousers_project:trousers:*:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2020/08/14/1cve@mitre.org
Exploit
Mailing List
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1164472cve@mitre.org
Exploit
Issue Tracking
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SSDL7COIFCZQMUBNAASNMKMX7W5JUHRD/cve@mitre.org
N/A
https://seclists.org/oss-sec/2020/q2/att-135/tcsd_fixes.patchcve@mitre.org
Mailing List
Patch
Third Party Advisory
https://sourceforge.net/p/trousers/mailman/message/37015817/cve@mitre.org
Exploit
Mailing List
Third Party Advisory
Change History
0Changes found
Details not found