Lucene search

MitreCVE-2002-2274

HistoryOct 18, 2007 - 10:00 a.m.

CVE-2002-2274

2007-10-1810:00:00

mitre

web.nvd.nist.gov

akfingerd

0.5

local users

arbitrary files

symlink attack

.plan file

security vulnerability

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

High

EPSS

Percentile

5.1%

JSON

akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a symlink attack on the .plan file.

Affected configurations

Nvd

Node

akfingerdakfingerdMatch0.5

VendorProductVersionCPE
akfingerdakfingerd0.5cpe:/a:akfingerd:akfingerd:0.5:::

Vendor	Product	Version	CPE
akfingerd	akfingerd	0.5	cpe:/a:akfingerd:akfingerd:0.5:::

References

archives.neohapsis.com/archives/bugtraq/2002-12/0049.html

synflood.at/akfingerd

www.securityfocus.com/bid/6325

exchange.xforce.ibmcloud.com/vulnerabilities/10796

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2002-2274