Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1396

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2005-1396
Last Modified 10 Sep 2008 03:38:54
Published 03 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2005-1396

Summary

Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.

Vulnerable Systems


References

OSVDB - 16050

MISC - http://www.digitalmunition.com/DMA[2005-0501a].txt

SECTRACK - 1013855

SECUNIA - 15197

FULLDISC - 20050501 DMA[2005-0501a] - 'ARPUS/Ce setuid buffer overflow and file overwrite'


Last Updated: 27 May 2016 10:40:09