[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90870-7

Platform: rhel7,centos7Date: (C)2017-06-29   (M)2022-10-10



Ensure that Root's Path Does Not Include Relative Paths or Null Directories Ensure that none of the directories in root's path is equal to a single '.' character, or that it contains any instances that lead to relative path traversal, such as '..' or beginning a path without the slash ('/') character. Also ensure that there are no "empty" elements in the path, such as in these examples: PATH=:/bin PATH=/bin: PATH=/bin::/sbin These empty elements have the same effect as a single '.' character.


Parameter:


Technical Mechanism:

Including these entries increases the risk that root could execute code from an untrusted location. Fix: No Remediation Info

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30538
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31261


OVAL    2
oval:org.secpod.oval:def:30538
oval:org.secpod.oval:def:31261

© SecPod Technologies