Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1395

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2002-1395
Last Modified 10 Sep 2008 03:14:29
Published 17 Jan 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1395

Summary

Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz.

Vulnerable Systems

Application

  • Debian Internet Message 133-0

  • Debian Internet Message 141-0


References

DEBIAN - DSA-202

BID - 6307

REDHAT - RHSA-2003:039

XF - im-immknmz-symlink(10767)

XF - im-impwagent-insecure-directory(10766)

SECUNIA - 8242

SECUNIA - 8166


Last Updated: 27 May 2016 10:37:18