Lucene search

[email protected]NVD:CVE-2005-2672

HistoryAug 23, 2005 - 4:00 a.m.

CVE-2005-2672

2005-08-2304:00:00

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

JSON

pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file.

Affected configurations

NVD

Node

lm_sensorslm_sensorsMatch2.0.0

lm_sensorslm_sensorsMatch2.0.1

lm_sensorslm_sensorsMatch2.0.2

lm_sensorslm_sensorsMatch2.1.0

lm_sensorslm_sensorsMatch2.1.1

lm_sensorslm_sensorsMatch2.1.2

lm_sensorslm_sensorsMatch2.2.0

lm_sensorslm_sensorsMatch2.2.1

lm_sensorslm_sensorsMatch2.2.2

lm_sensorslm_sensorsMatch2.3.0

lm_sensorslm_sensorsMatch2.3.1

lm_sensorslm_sensorsMatch2.3.2

lm_sensorslm_sensorsMatch2.3.3

lm_sensorslm_sensorsMatch2.3.4

lm_sensorslm_sensorsMatch2.4.0

lm_sensorslm_sensorsMatch2.4.4

lm_sensorslm_sensorsMatch2.4.5

lm_sensorslm_sensorsMatch2.5.0

lm_sensorslm_sensorsMatch2.5.1

lm_sensorslm_sensorsMatch2.5.2

lm_sensorslm_sensorsMatch2.5.3

lm_sensorslm_sensorsMatch2.5.4

lm_sensorslm_sensorsMatch2.5.5

lm_sensorslm_sensorsMatch2.6.0

lm_sensorslm_sensorsMatch2.6.1

lm_sensorslm_sensorsMatch2.6.2

lm_sensorslm_sensorsMatch2.6.3

lm_sensorslm_sensorsMatch2.6.4

lm_sensorslm_sensorsMatch2.6.5

lm_sensorslm_sensorsMatch2.7.0

lm_sensorslm_sensorsMatch2.8.0

lm_sensorslm_sensorsMatch2.8.1

lm_sensorslm_sensorsMatch2.8.2

lm_sensorslm_sensorsMatch2.8.3

lm_sensorslm_sensorsMatch2.8.4

lm_sensorslm_sensorsMatch2.8.5

lm_sensorslm_sensorsMatch2.8.6

lm_sensorslm_sensorsMatch2.8.7

lm_sensorslm_sensorsMatch2.8.8

lm_sensorslm_sensorsMatch2.9.0

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=324193

secunia.com/advisories/16501

secunia.com/advisories/17499

secunia.com/advisories/17535

secure.netroedge.com/~lm78/cvs/lm_sensors2/CHANGES

securitytracker.com/id?1015180

www.debian.org/security/2005/dsa-814

www.mandriva.com/security/advisories?name=MDKSA-2005:149

www.redhat.com/support/errata/RHSA-2005-825.html

www.securityfocus.com/bid/14624

www.vupen.com/english/advisories/2005/1492

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9993

usn.ubuntu.com/172-1/

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

JSON

Related for NVD:CVE-2005-2672

nessus7 gentoo1 centos1 openvas4 debiancve1 redhat1 ubuntucve1 cve1 debian2 cvelist1