Lucene search
HistoryNov 05, 2008 - 3:00 p.m.
CVE-2008-4947
cve-2008-4947
nvd
vulnerability
symlink attack
dhis-server
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
Affected configurations
Node
guus_sliependhis-serverRange≤5.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| guus_sliepen:dhis-server | guus sliepen dhis-server | le | 5.3 |
Related
prion
prion
Design/Logic Flaw
2008-11-05 15:00:00
cvelist
cvelist
CVE-2008-4947
2008-11-05 14:51:00
ubuntucve
ubuntucve
CVE-2008-4947
2008-11-05 00:00:00
nvd
nvd
CVE-2008-4947
2008-11-05 15:00:15
debiancve
debiancve
CVE-2008-4947
2008-11-05 15:00:15
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2008-4947