CVE-2002-0499

Sažetak

The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0074.html
http://www.cs.helsinki.fi/linux/linux-kernel/2002-13/0054.html
http://www.iss.net/security_center/static/8634.php
http://www.securityfocus.com/archive/1/264117
http://www.securityfocus.com/bid/4367

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

05-09-2008 - 20:28

Objavljeno

12-08-2002 - 04:00