Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1707

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-1707
Last Modified 07 Mar 2011 09:22:42
Published 24 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-1707

Summary

The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.

Vulnerable Systems

Application

  • Gentoo Linux Webapp-config 1.10


References

SECTRACK - 1014027

MISC - http://www.zataz.net/adviso/webapp-config-05182005.txt

VUPEN - ADV-2005-0809

BID - 13780

OSVDB - 16746

GENTOO - GLSA-200506-13

SECUNIA - 15445

MISC - http://bugs.gentoo.org/show_bug.cgi?id=91785


Last Updated: 27 May 2016 10:40:16