Lucene search
HistoryJul 12, 2005 - 4:00 a.m.
CVE-2005-2240
xpvm
xpvm.tcl
symlink attack
security vulnerability
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary files via a symlink attack on the xpvm.trace.$user temporary file.
Affected configurations
Node
xpvmxpvmMatch1.2.5
Related
cvelist
cvelist
CVE-2005-2240
2005-07-12 04:00:00
nvd
nvd
CVE-2005-2240
2005-07-12 04:00:00
nessus
nessus
Debian DSA-1003-1 : xpvm - insecure temporary file
2006-10-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 1003-1 (xpvm)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1003-1)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2005-2240
2005-07-12 00:00:00
debian
debian
[SECURITY] [DSA 1003-1] New xpvm packages fix insecure temporary file
2006-03-16 12:18:53
[SECURITY] [DSA 1003-1] New xpvm packages fix insecure temporary file
2006-03-16 12:18:53
osv
osv
xpvm - insecure temporary file
2006-03-16 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2005-2240