Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2023-23558

Disclosure Date: February 16, 2023 (last updated October 08, 2023)
In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. For example, a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file, or modify the information in that file.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-48258

Disclosure Date: January 13, 2023 (last updated October 08, 2023)
In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-48257

Disclosure Date: January 13, 2023 (last updated October 08, 2023)
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0