Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0529

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0529
Last Modified 05 Sep 2008 04:24:19
Published 14 Aug 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0529

Summary

OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack.

Vulnerable Systems

Application

  • Openbsd Openssh 2.9


References

CERT-VN - VU#655259

BID - 2825

NETBSD - NetBSD-SA2001-010

CALDERA - CSSA-2001-023.0

BUGTRAQ - 20010604 Re: SSH allows deletion of other users files...

BUGTRAQ - 20010604 SSH allows deletion of other users files...

XF - openssh-symlink-file-deletion(6676)

OSVDB - 1853

OPENBSD - 20010612

BUGTRAQ - 20010605 OpenSSH_2.5.2p2 RH7.0 <- version info

IMMUNIX - IMNX-2001-70-034-01

CONECTIVA - CLA-2001:431


Last Updated: 27 May 2016 10:36:18