Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3204

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2011-3204
Last Modified 22 Sep 2011 11:34:33
Published 06 Sep 2011 12:55:10
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3204

Summary

hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/hammer.log (aka the HH_LOG file) or (2) the REPORT_LOG file.

Vulnerable Systems

Application

  • Geoff Wong Hammerhead 2.1.4


References

CONFIRM - https://launchpad.net/bugs/826679

BID - 49548

MLIST - [oss-security] 20110830 Re: Security issue in hammerhead

MLIST - [oss-security] 20110826 Security issue in hammerhead


Last Updated: 27 May 2016 10:57:14