When linpeass performs checks related to sudo allowed commands (sudo -l), it returns the following results:
Matching Defaults entries for user1 on host:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
User user1 may run the following commands on host:
(ALL) /bin/ls /tmp/backup/backup_access
(root) /usr/bin/cat backup_access
The strange thing is that it highlights in yellow (marking as 95% a PE vector) the last two letters (ss) of the directories where the user can execute the listed commands.
Are those real PE vectors or is a bug?
When linpeass performs checks related to sudo allowed commands (sudo -l), it returns the following results:
Matching Defaults entries for user1 on host: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
User user1 may run the following commands on host: (ALL) /bin/ls /tmp/backup/backup_access (root) /usr/bin/cat backup_access
The strange thing is that it highlights in yellow (marking as 95% a PE vector) the last two letters (ss) of the directories where the user can execute the listed commands. Are those real PE vectors or is a bug?