CVE-2012-3453

Sažetak

logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683647
http://www.openwall.com/lists/oss-security/2012/08/03/8
http://www.securityfocus.com/bid/54802

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:P

Zadnje važnije ažuriranje

08-08-2012 - 04:00

Objavljeno

07-08-2012 - 20:55