Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0662

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2002-0662
Last Modified 10 Sep 2008 03:12:40
Published 04 Oct 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0662

Summary

scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.

Vulnerable Systems

Application

  • Dan Mueth Scrollkeeper 0.3

  • Dan Mueth Scrollkeeper 0.3.1

  • Dan Mueth Scrollkeeper 0.3.10

  • Dan Mueth Scrollkeeper 0.3.11

  • Dan Mueth Scrollkeeper 0.3.3

  • Dan Mueth Scrollkeeper 0.3.4

  • Dan Mueth Scrollkeeper 0.3.5

  • Dan Mueth Scrollkeeper 0.3.6

  • Dan Mueth Scrollkeeper 0.3.7

  • Dan Mueth Scrollkeeper 0.3.8

  • Dan Mueth Scrollkeeper 0.3.9


References

REDHAT - RHSA-2002:186

DEBIAN - DSA-160

BUGTRAQ - 20020904 GLSA: scrollkeeper

BID - 5602

XF - scrollkeeper-tmp-file-symlink(10002)

BUGTRAQ - 20020902 The ScrollKeeper Root Trap


Last Updated: 27 May 2016 10:37:01