Lucene search

[email protected]CVE-2009-0032

HistoryJan 27, 2009 - 8:30 p.m.

CVE-2009-0032

2009-01-2720:30:00

CWE-59

[email protected]

web.nvd.nist.gov

cups

mandriva linux

cve-2009-0032

security vulnerability

symlink attack

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.

Affected configurations

NVD

Node

applecups

AND

mandrivacorporate_serverMatch3.0

mandrivacorporate_serverMatch3.0x86_64

mandrivacorporate_serverMatch4.0

mandrivacorporate_serverMatch4.0x86_64

mandrivalinuxMatch2008.0

mandrivalinuxMatch2008.0x86_64

mandrivalinuxMatch2008.1

mandrivalinuxMatch2008.1x86_64

mandrivalinuxMatch2009.0

mandrivamulti_network_firewallMatch2.0

CPENameOperatorVersion
apple:cupsapple cupseq*

CPE	Name	Operator	Version
apple:cups	apple cups	eq	*

References

securitytracker.com/id?1021637

www.mandriva.com/security/advisories?name=MDVSA-2009:027

www.mandriva.com/security/advisories?name=MDVSA-2009:028

www.mandriva.com/security/advisories?name=MDVSA-2009:029

www.securityfocus.com/bid/33418

exchange.xforce.ibmcloud.com/vulnerabilities/48210

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2009-0032

nessus2 ubuntucve1 nvd1 openvas2 securityvulns2 prion1 redhatcve1 cvelist1