CVE-2012-5530

Sažetak

The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.

Reference

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html
http://www.securityfocus.com/bid/56656
https://bugzilla.novell.com/show_bug.cgi?id=782967
https://bugzilla.redhat.com/show_bug.cgi?id=875842

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

26-02-2013 - 04:51

Objavljeno

29-11-2012 - 13:14