Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0691

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2000-0691
Last Modified 05 Sep 2008 04:21:39
Published 20 Oct 2000 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0691

Summary

The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.

Vulnerable Systems

Application

  • Gert Doering Mgetty 1.1.19

  • Gert Doering Mgetty 1.1.20

  • Gert Doering Mgetty 1.1.21


References

BID - 1612

CALDERA - CSSA-2000-029.0

CONFIRM - http://archives.neohapsis.com/archives/bugtraq/2000-08/0330.html

BUGTRAQ - 20000826 Advisory: mgetty local compromise


Last Updated: 27 May 2016 10:35:50