ID |
CVE-2009-5023
|
Sažetak |
The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt. |
Reference |
|
CVSS |
Base: | 4.7 |
Impact: | 6.9 |
Exploitability: | 3.4 |
|
Pristup |
Vektor | Složenost | Autentikacija |
LOCAL |
MEDIUM |
NONE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
NONE |
COMPLETE |
NONE |
|
CVSS vektor |
AV:L/AC:M/Au:N/C:N/I:C/A:N |
Zadnje važnije ažuriranje |
24-06-2014 - 14:51 |
Objavljeno |
10-06-2014 - 14:55 |