CVE-2021-36781: parsec: dangerous 777 permissions for /run/parsec
First published: Fri Jan 14 2022(Updated: )
A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1.
Credit: meissner@suse.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| openSUSE Factory | <0.8.1-1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2021-36781.
What is the title of this vulnerability?
The title of this vulnerability is 'A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service'.
What is the severity level of CVE-2021-36781?
The severity level of CVE-2021-36781 is medium.
How does CVE-2021-36781 affect openSUSE Factory parsec?
CVE-2021-36781 affects openSUSE Factory parsec versions prior to 0.8.1-1.1.
Is there a fix available for CVE-2021-36781?
Yes, the fix for CVE-2021-36781 is available in parsec version 0.8.1-1.1.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/remedy
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/opensuse
- canonical/opensuse factory