Описание
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.1-5sarge4 |
| devel | DNE | |
| edgy | released | 2.1-5sarge4 |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
2.1 Low
CVSS2
Связанные уязвимости
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enable ...
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
2.1 Low
CVSS2