CVE-2008-4953

Опубликовано: 05 нояб. 2008

Источник: nvd

CVSS2: 6.9

EPSS Низкий

Описание

firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-- and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:firehol:firehol:1.256:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00049

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-59

Связанные уязвимости

CVE-2008-4953

ubuntu

больше 17 лет назад

firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks.

CVE-2008-4953

debian

больше 17 лет назад

firehol in firehol 1.256 allows local users to overwrite arbitrary fil ...

GHSA-w9wq-p2wh-m5px

github

больше 3 лет назад

** DISPUTED ** firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks."

EPSS

Процентиль: 15%

0.00049

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-59