Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5839

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2007-5839
Last Modified 07 Mar 2011 10:01:23
Published 06 Nov 2007 02:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-5839

Summary

The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command.

Vulnerable Systems

Application

  • Bitchx 1.1a


References

VUPEN - ADV-2007-3714

BID - 26326

SLACKWARE - SSA:2009-116-02

GENTOO - GLSA-200807-12

SECUNIA - 34870

SECUNIA - 31180

SECUNIA - 27463

OSVDB - 42061

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449149

XF - bitchx-ehostname-symlink(38262)


Last Updated: 27 May 2016 10:46:18