CVE-2004-0108

Sažetak

The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc
http://www.debian.org/security/2004/dsa-460
http://www.redhat.com/support/errata/RHSA-2004-053.html
http://www.securityfocus.com/bid/9844
https://exchange.xforce.ibmcloud.com/vulnerabilities/15437

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-10-2017 - 01:30

Objavljeno

15-04-2004 - 04:00