Lucene search

[email protected]CVE-2001-0139

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2001-0139

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0139

inn

2.2.3

local users

symlink attack

arbitrary files

overwrite

nvd

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

Affected configurations

NVD

Node

calderaopenlinux_desktopMatch2.3

immuniximmunixMatch7.0_beta

Node

calderaopenlinux_edesktopMatch2.4

calderaopenlinux_eserverMatch2.3

debiandebian_linuxMatch2.2

debiandebian_linuxMatch2.268k

debiandebian_linuxMatch2.2alpha

debiandebian_linuxMatch2.2arm

debiandebian_linuxMatch2.2sparc

mandrakesoftmandrake_linuxMatch6.0

mandrakesoftmandrake_linuxMatch6.1

mandrakesoftmandrake_linuxMatch7.0

mandrakesoftmandrake_linuxMatch7.1

mandrakesoftmandrake_linuxMatch7.2

redhatlinuxMatch7.0

CPENameOperatorVersion
caldera:openlinux_desktopcaldera openlinux desktopeq2.3
immunix:immuniximmunixeq7.0_beta

CPE	Name	Operator	Version
caldera:openlinux_desktop	caldera openlinux desktop	eq	2.3
immunix:immunix	immunix	eq	7.0_beta

References

marc.info/?l=bugtraq&m=97916374410647&w=2

www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt

www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3

www.securityfocus.com/bid/2190

exchange.xforce.ibmcloud.com/vulnerabilities/5916

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0139

cvelist1 nessus1 cert1 nvd1