Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0370


Vulnerability Score 4.6 4.6
CVE Id CVE-2001-0370
Last Modified 05 Sep 2008 04:23:56
Published 27 Jun 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters.

Vulnerable Systems


  • Michael A. Gumienny Fcheck 2.57.59


XF - fcheck-open-execute-commands

BUGTRAQ - 20010320 fcheck prior to 2.07.59 - vulnerability - improper use of perl 'magic open'

Last Updated: 27 May 2016 10:36:14