CVE-2001-1277

Sažetak

makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.

Reference

http://marc.info/?l=bugtraq&m=99227597227747&w=2
http://www.redhat.com/support/errata/RHSA-2001-072.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=41805

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

18-10-2016 - 02:14

Objavljeno

11-06-2001 - 04:00