World-writable permissions in Novell Filr allow privilege escalation through arbitrary shell commands

World-writable permissions in Novell Filr allow privilege escalation through arbitrary shell commands

CVE-2016-1611 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.

Learn more about our User Device Pen Test.