Lucene search

K
cve[email protected]CVE-2001-0370
HistoryJun 27, 2001 - 4:00 a.m.

CVE-2001-0370

2001-06-2704:00:00
NVD-CWE-Other
web.nvd.nist.gov
22
cve-2001-0370
fcheck
local user
shell metacharacters
nvd

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

13.3%

fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters.

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

13.3%