Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0296

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2002-0296
Last Modified 05 Sep 2008 04:27:40
Published 31 May 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2002-0296

Summary

The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.

Vulnerable Systems

Application

  • Tarantella Enterprise 3.0

  • Tarantella Enterprise 3.01

  • Tarantella Enterprise 3.10

  • Tarantella Enterprise 3.11

  • Tarantella Enterprise 3.20


References

XF - tarantella-tmp-spinning-symlink(8223)

BID - 4115

BUGTRAQ - 20020219 Another local root vulnerability during installation of Tarantella Enterprise 3.

BUGTRAQ - 20020224 Exploit for Tarantella Enterprise installation (bid 4115)


Last Updated: 27 May 2016 10:36:52