Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1172

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2001-1172
Last Modified 05 Sep 2008 04:25:52
Published 19 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1172

Summary

OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file by creating a symbolic link to that file.

Vulnerable Systems

Application

  • Omnisecure Httprotect 1.1.1


References

XF - httprotect-protected-file-symlink(6880)

BUGTRAQ - 20010719 [SNS Advisory No.37] HTTProtect allows attackers to change the protected file using a symlink

CONFIRM - http://www.omnisecure.com/security-alert.html

OSVDB - 5452


Last Updated: 27 May 2016 10:36:34