CVE-2009-5023 - CERT CVE
ID CVE-2009-5023
Sažetak The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt.
Reference
CVSS
Base: 4.7
Impact: 6.9
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE COMPLETE NONE
CVSS vektor AV:L/AC:M/Au:N/C:N/I:C/A:N
Zadnje važnije ažuriranje 24-06-2014 - 14:51
Objavljeno 10-06-2014 - 14:55