Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-1193
tkmail
symlink attack
temporary files
local users
security vulnerability
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
tkmail before 4.0beta9-8.1 allows local users to create or overwrite files as users via a symlink attack on temporary files.
Affected configurations
Node
tkmailtkmailMatch4.0_beta1
ORtkmailtkmailMatch4.0_beta4
ORtkmailtkmailMatch4.0_beta6
ORtkmailtkmailMatch4.0_beta8
ORtkmailtkmailMatch4.0_beta9
Related
cvelist
cvelist
CVE-2002-1193
2004-09-01 04:00:00
nvd
nvd
CVE-2002-1193
2002-10-28 05:00:00
nessus
nessus
Debian DSA-172-1 : tkmail - insecure temporary files
2004-09-29 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-172)
2008-01-17 00:00:00
Debian Security Advisory DSA 172-1 (tkmail)
2008-01-17 00:00:00
osv
osv
tkmail - insecure temporary files
2002-10-08 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2002-1193