Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1740

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-1740
Last Modified 07 Mar 2011 09:22:45
Published 24 May 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1740

Summary

fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack.

Vulnerable Systems

Application

  • Net-snmp 5.0.1

  • Net-snmp 5.0.3

  • Net-snmp 5.0.4 Pre2

  • Net-snmp 5.0.5

  • Net-snmp 5.0.6

  • Net-snmp 5.0.7

  • Net-snmp 5.0.8

  • Net-snmp 5.0.9

  • Net-snmp 5.1.2


References

MISC - http://www.zataz.net/adviso/net-snmp-05182005.txt

VUPEN - ADV-2005-0598

OSVDB - 16778

GENTOO - GLSA-200505-18

SECUNIA - 15471

BID - 13715

REDHAT - RHSA-2005:395

REDHAT - RHSA-2005:373

MANDRIVA - MDKSA-2006:025

SECTRACK - 1014039

SECUNIA - 18635

SECUNIA - 17135

SECUNIA - 16999


Last Updated: 27 May 2016 10:40:16