Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0864

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2000-0864
Last Modified 10 Sep 2008 12:00:00
Published 14 Nov 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2000-0864

Summary

Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack.

Vulnerable Systems

Application

  • Gnome Esound 0.2.19


References

BID - 1659

REDHAT - RHSA-2000:077

SUSE - 20001012 esound daemon race condition

DEBIAN - 20001008 esound: race condition

FREEBSD - FreeBSD-SA-00:45

BUGTRAQ - 20001006 Immunix OS Security Update for esound

BUGTRAQ - 20000911 Patch for esound-0.2.19


Last Updated: 27 May 2016 10:35:54