Описание
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:1.8-1.2 |
| hardy | ignored | end of life |
| lucid | released | 1:1.3-1.1ubuntu0.1 |
| maverick | released | 1:1.6-1ubuntu0.1 |
| natty | released | 1:1.7-1ubuntu0.1 |
| oneiric | released | 1:1.8-1ubuntu0.1 |
| upstream | released | 1.8.3 |
Показывать по
6.4 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
Directory traversal vulnerability in device-linux.c in the router adve ...
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
6.4 Medium
CVSS2