Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0217

Overview

Vulnerability Score 3.7 3.7
CVE Id CVE-2004-0217
Last Modified 05 Sep 2008 04:37:50
Published 15 Apr 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2004-0217

Summary

The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.

Vulnerable Systems

Application

  • Symantec Antivirus Scan Engine 4.0

  • Symantec Antivirus Scan Engine 4.3


References

XF - symantec-scanengine-race-condition(15215)

BID - 9662

BUGTRAQ - 20040216 Possible race condition in Symantec AntiVirus Scan Engine for Red


Last Updated: 27 May 2016 10:38:31