Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4797

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4797
Last Modified 07 Mar 2011 09:29:01
Published 31 Dec 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4797

Summary

Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.

Vulnerable Systems

Operating System

  • Sun Solaris 10.0

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0


References

XF - solaris-printd-file-deletion(21773)

BID - 14510

CIAC - P-280

SUNALERT - 101842

SECTRACK - 1014635

SECUNIA - 16367

VUPEN - ADV-2005-1342

OSVDB - 18650

MISC - http://downloads.securityfocus.com/vulnerabilities/exploits/solaris_lpd_unlink.pm


Last Updated: 27 May 2016 10:41:26