CVE-2004-0851

Опубликовано: 08 сент. 2004

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Ссылки

http://exorsus.net/projects/net-acct/net-acct-notempfiles.patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=109466910232385&w=2
http://secunia.com/advisories/12476
Patch
Vendor Advisory
http://www.debian.org/security/2004/dsa-559
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11125
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17283
http://exorsus.net/projects/net-acct/net-acct-notempfiles.patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=109466910232385&w=2
http://secunia.com/advisories/12476
Patch
Vendor Advisory
http://www.debian.org/security/2004/dsa-559
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11125
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17283

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ulrich_callmeier:net-acct:0.6:*:*:*:*:*:*:*

cpe:2.3:a:ulrich_callmeier:net-acct:0.7:*:*:*:*:*:*:*

cpe:2.3:a:ulrich_callmeier:net-acct:0.71:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.00072

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2004-0851

debian

около 21 года назад

The (1) write_list and (2) dump_curr_list functions in Net-Acct before ...

GHSA-8g8f-28jw-7gwq

github

больше 3 лет назад