Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0054

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2012-0054
Last Modified 03 Aug 2012 12:00:00
Published 19 Mar 2012 03:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0054

Summary

libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat.

Vulnerable Systems

Application

  • Golismero 0.6.3


References

OSVDB - 78472

MLIST - [oss-security] 20120117 CVE-request: golismero symlink vulnerability

MLIST - [oss-security] 20120117 Re: CVE-request: golismero symlink vulnerability

MISC - http://code.google.com/p/golismero/source/detail?r=2b3bb43d68676efd687361f7de29380189031ab8


Last Updated: 27 May 2016 10:56:28