Lucene search
HistoryApr 05, 2014 - 9:55 p.m.
CVE-2001-1593
cve-2001-1593
security vulnerability
a2ps 4.14
symlink attack
temporary file
nvd
6.2 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
References
Related
ubuntucve
ubuntucve
CVE-2001-1593
2014-04-05 00:00:00
debiancve
debiancve
CVE-2001-1593
2014-04-05 21:55:00
debian
debian
[SECURITY] [DSA 2892-1] a2ps security update
2014-03-31 18:46:17
[SECURITY] [DSA 2892-1] a2ps security update
2014-03-31 18:46:34
nessus
nessus
Debian DSA-2892-1 : a2ps - security update
2014-04-01 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2892-1)
2014-03-30 00:00:00
Debian Security Advisory DSA 2892-1 (a2ps - security update)
2014-03-31 00:00:00
osv
osv
a2ps - security update
2014-03-31 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2892-1] a2ps security update
2014-04-07 00:00:00
a2ps code execution
2014-04-07 00:00:00
6.2 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2001-1593