Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0125

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2001-0125
Last Modified 05 Sep 2008 04:23:20
Published 12 Mar 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-0125

Summary

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

Vulnerable Systems

Operating System

  • Debian Linux 2.2

  • Mandrakesoft Mandrake Linux 6.0

  • Mandrakesoft Mandrake Linux 6.1

  • Mandrakesoft Mandrake Linux 7.0

  • Mandrakesoft Mandrake Linux 7.1

  • Mandrakesoft Mandrake Linux 7.2

  • Mandrakesoft Mandrake Linux Corporate Server 1.0.1

Application

  • Exmh 2.2


References

XF - exmh-error-symlink

MANDRAKE - MDKSA-2001:015

CONFIRM - http://www.beedub.com/exmh/symlink.html

BUGTRAQ - 20010112 exmh security vulnerability

BUGTRAQ - 20001231 Advisory: exmh symlink vulnerability

DEBIAN - DSA-022

FREEBSD - FreeBSD-SA-01:17


Last Updated: 27 May 2016 10:36:08