Lucene search

[email protected]CVE-2005-3311

HistoryOct 26, 2005 - 1:02 a.m.

CVE-2005-3311

2005-10-2601:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3311

bmc software

control-m

vulnerability

solaris

symlink attack

nvd

7.3 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CPENameOperatorVersion
bmc:software_control-m_agentbmc software control-m agenteq6.1.03

CPE	Name	Operator	Version
bmc:software_control-m_agent	bmc software control-m agent	eq	6.1.03

References

marc.info/?l=bugtraq&m=113018286105811&w=2

secunia.com/advisories/17294

securitytracker.com/id?1015096

www.securityfocus.com/bid/15167

7.3 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON