Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0350

Overview

Vulnerability Score 6.3 6.3
CVE Id CVE-2013-0350
Last Modified 05 May 2014 01:27:13
Published 05 May 2014 01:06:03
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0350

Summary

tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary files via a symlink attack on /tmp/smtp.log.

Vulnerable Systems

Application

  • David Leonard Pkstat 1.8.5


References

CONFIRM - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701211

MLIST - [oss-security] 20130222 CVE-2013-0350 for pktstat: writes content from TCP streams to public readable file /tmp/smtp.log

OSVDB - 90588


Last Updated: 27 May 2016 11:05:10