CVE-2002-1970

2022-10-0316:23:48

mitre

www.cve.org

snortcenter

temporary file

permissions

local users

alert database servers

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.

References

online.securityfocus.com/archive/1/298587

www.iss.net/security_center/static/10540.php

www.securityfocus.com/bid/6109