Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0736

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2001-0736
Last Modified 05 Sep 2008 04:24:48
Published 18 Oct 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0736

Summary

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

Vulnerable Systems

Operating System

  • Engardelinux Secure Linux 1.0.1

  • Mandrakesoft Mandrake Linux 7.1

  • Mandrakesoft Mandrake Linux 7.2

  • Mandrakesoft Mandrake Linux 8.0

  • Mandrakesoft Mandrake Linux Corporate Server 1.0.1

  • Redhat Linux 5.2

  • Redhat Linux 6.2

  • Redhat Linux 7.0

Application

  • Immunix 6.2

  • Immunix 7.0

  • Immunix 7.0 Beta

  • University Of Washington Pine 4.33


References

XF - pine-tmp-file-symlink(6367)

REDHAT - RHSA-2001:042

MANDRAKE - MDKSA-2001:047

BUGTRAQ - 20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities

BUGTRAQ - 20010416 Immunix OS Security update for pine


Last Updated: 27 May 2016 10:36:22