Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling.
References
Link | Resource |
---|---|
https://github.com/tmate-io/tmate-ssh-server/commit/1c020d1f5ca462f5b150b46a027aaa1bbe3c9596 | Patch Third Party Advisory |
https://www.openwall.com/lists/oss-security/2021/12/06/2 | Mailing List Third Party Advisory |
Configurations
Information
Published : 2021-12-06 19:15
Updated : 2021-12-08 06:27
NVD link : CVE-2021-44513
Mitre link : CVE-2021-44513
JSON object : View
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Products Affected
tmate
- tmate-ssh-server