Lucene search
MitreCVE-2009-0416HistoryFeb 03, 2009 - 11:30 p.m.
CVE-2009-0416
2009-02-0323:30:01
CWE-59
mitre
web.nvd.nist.gov
25
ssl certificate
sblim
sblim-sfcb
cve-2009-0416
symlink attack
security vulnerability
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
High
EPSS
0
Percentile
5.1%
The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files.
Affected configurations
Node
standards_based_linux_instrumentationsblim-sfcbMatch1.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| standards_based_linux_instrumentation | sblim-sfcb | 1.3.2 | cpe:2.3:a:standards_based_linux_instrumentation:sblim-sfcb:1.3.2:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2009-0416
2009-02-03 00:00:00
nessus
nessus
openSUSE Security Update : sblim-sfcb (sblim-sfcb-505)
2009-07-21 00:00:00
openSUSE Security Update : sblim-sfcb (sblim-sfcb-505)
2009-07-21 00:00:00
cvelist
cvelist
CVE-2009-0416
2009-02-03 23:00:00
prion
prion
Code injection
2009-02-03 23:30:00
nvd
nvd
CVE-2009-0416
2009-02-03 23:30:01
openvas
openvas
SuSE Security Summary SUSE-SR:2009:004
2009-02-18 00:00:00
SUSE: Security Summary (SUSE-SR:2009:004)
2009-02-18 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2009-0416