Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1066

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2001-1066
Last Modified 05 Sep 2008 04:25:36
Published 31 Aug 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1066

Summary

ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack.

Vulnerable Systems

Operating System

  • Sun Solaris


References

BUGTRAQ - 20010827 Dangerous temp file creation during installation of Netscape 6.

XF - netscape-install-tmpfile-symlink(7042)

BID - 3243


Last Updated: 27 May 2016 10:36:30