Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2001

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2002-2001
Last Modified 10 Sep 2008 03:16:06
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2002-2001

Summary

jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 8.1

Application

  • Jmcce 1.3.8


References

BID - 3940

XF - linux-jmcce-tmp-symlink(7980)

MANDRAKE - MDKSA-2002:008


Last Updated: 27 May 2016 10:37:34