cbcvebase.

Trousers Project Trousers vulnerabilities

4 known vulnerabilities affecting trousers_project/trousers.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2012-0698P4MEDIUMCVSS 5.0PoC≥ 0, < 0.3.9-12012-11-26
CVE-2012-0698 [MEDIUM] CVE-2012-0698: tcsd in TrouSerS before 0 tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
osv
CVE-2020-24331P3HIGHCVSS 7.8≤ 0.3.142020-08-13
CVE-2020-24331 [HIGH] CWE-269 CVE-2020-24331: An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileg An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).
nvdosv
CVE-2020-24330P3HIGHCVSS 7.8≤ 0.3.142020-08-13
CVE-2020-24330 [HIGH] CWE-269 CVE-2020-24330: An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileg An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
nvdosv
CVE-2020-24332P4MEDIUMCVSS 5.5≥ 0, < 0.3.15-0.12020-08-13
CVE-2020-24332 [MEDIUM] CVE-2020-24332: An issue was discovered in TrouSerS through 0 An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack.
osv
Trousers Project Trousers vulnerabilities | cvebase