Lucene search

K
cve[email protected]CVE-2001-0623
HistoryAug 02, 2001 - 4:00 a.m.

CVE-2001-0623

2001-08-0204:00:00
NVD-CWE-Other
web.nvd.nist.gov
25
linux systems
sendfiled
saft
privilege dropping
local attacks
cve-2001-0623
privilege escalation

6.8 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.

CPENameOperatorVersion
sendfile:sendfilesendfileeq*

6.8 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

Related for CVE-2001-0623