CVE-2007-4998

Sažetak

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.

Reference

http://osvdb.org/43228
https://bugzilla.redhat.com/show_bug.cgi?id=356471
https://issues.rpath.com/browse/RPL-2023

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

15-11-2008 - 06:59

Objavljeno

31-01-2008 - 21:00