RedPacket Security

InfoSec News & Tutorials

Vulnerabilities 

Scope of Debian’s /home/loser is with permissions 755, default umask 002

admin , , , , , , , , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Georgi Guninski on Nov 12

On Debian /home/loser is with permissions 755, default umask 0022

(If you don’t understand the numbers, this means a lot of
files are world readable).

On multiuser machines this sucks much.

Question: How much sensitive data can be read on default install?

Partial results:

1. mutt (text email client) exposes ~/.mutt/muttrc,
which might contain the imap password in plaintext.

2. Some time ago on a multiuser debian mirror we found a lot…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source

You May Also Like

cook 1 01

Cook – A Customizable Wordlist And Password Generator

admin
regulation 3246979 1280

Russian hackers broke into the systems of the United States Department of the Treasury and Department of Commerce

admin
browsers 1265309 1280

Critical Bugs in Firefox and Chrome Allow Exploitation

admin
Available for Amazon Prime