CVE-2009-4454

Опубликовано: 29 дек. 2009

Источник: nvd

CVSS2: 3.3

EPSS Низкий

Описание

vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2009-12/0366.html
Exploit
http://secunia.com/advisories/37733
Vendor Advisory
http://www.securityfocus.com/archive/1/508507/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/54916
http://archives.neohapsis.com/archives/fulldisclosure/2009-12/0366.html
Exploit
http://secunia.com/advisories/37733
Vendor Advisory
http://www.securityfocus.com/archive/1/508507/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/54916

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:saini:videocache:1.9.2:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00061

Низкий

3.3 Low

CVSS2

Дефекты

CWE-59

Связанные уязвимости

CVE-2009-4454

debian

около 16 лет назад

vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user ...

GHSA-4hwj-p7j6-r7jw

github

почти 4 года назад