Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0162

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2002-0162
Last Modified 10 Sep 2008 08:00:37
Published 27 Mar 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2002-0162

Summary

LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.

Vulnerable Systems

Application

  • Logwatch 2.5


References

XF - logwatch-tmp-race-condition(8652)

VULN-DEV - 20020327 Root compromise through LogWatch 2.1.1

CONFIRM - http://list.kaybee.org/archives/logwatch-announce/2002-March/000002.html

BID - 4374


Last Updated: 27 May 2016 10:36:48