CVE-2007-1500

Sažetak

The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=159542
http://osvdb.org/34267
http://secunia.com/advisories/24526
http://security.gentoo.org/glsa/glsa-200703-20.xml
http://www.securityfocus.com/bid/23014
https://exchange.xforce.ibmcloud.com/vulnerabilities/33057

CVSS

Base:	4.3
Impact:	6.4
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-07-2017 - 01:30

Objavljeno

19-03-2007 - 22:19