Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1277

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2001-1277
Last Modified 05 Sep 2008 04:26:08
Published 11 Jun 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1277

Summary

makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.

Vulnerable Systems

Application

  • Wolfram Schneider Makewhatis 1.5i2


References

REDHAT - RHSA-2001:072

BUGTRAQ - 20010611 man 1.5h10 + man 1.5i-4 exploits

MISC - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=41805


Last Updated: 27 May 2016 10:36:36