Lucene search

[email protected]CVE-2005-3343

HistoryDec 27, 2005 - 11:03 p.m.

CVE-2005-3343

2005-12-2723:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

tkdiff

vulnerability

symlink attack

file overwrite

cve-2005-3343

nvd

6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.9%

JSON

tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CPENameOperatorVersion
tkdiff:tkdifftkdiffeq3.0.8
tkdiff:tkdifftkdiffeq4.0
tkdiff:tkdifftkdiffeq3.0.9
tkdiff:tkdifftkdiffeq4.0.2
tkdiff:tkdifftkdiffeq4.1

CPE	Name	Operator	Version
tkdiff:tkdiff	tkdiff	eq	3.0.8
tkdiff:tkdiff	tkdiff	eq	4.0
tkdiff:tkdiff	tkdiff	eq	3.0.9
tkdiff:tkdiff	tkdiff	eq	4.0.2
tkdiff:tkdiff	tkdiff	eq	4.1

References

secunia.com/advisories/18083

secunia.com/advisories/18215

securitytracker.com/id?1015421

sourceforge.net/project/shownotes.php?release_id=380030&group_id=64960

www.debian.org/security/2005/dsa-927

www.mandriva.com/security/advisories?name=MDKSA-2006:001

www.osvdb.org/21933

www.securityfocus.com/bid/16064

exchange.xforce.ibmcloud.com/vulnerabilities/23858

6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.9%

JSON

Related for CVE-2005-3343

securityvulns2 ubuntucve1 openvas6 nessus3 debian4 freebsd1 osv1