Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4998

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2007-4998
Last Modified 15 Nov 2008 01:59:20
Published 31 Jan 2008 04:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4998

Summary

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.

Vulnerable Systems

Operating System

  • Linux Kernel


References

CONFIRM - https://issues.rpath.com/browse/RPL-2023

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=356471

OSVDB - 43228


Last Updated: 27 May 2016 10:46:02