4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
Multiple race conditions were discovered in augeas when saving
configuration files which expose it to symlink attacks.
Write access to the directory where the configuration file is located
is required by the attacker.
For Debian 6 Squeeze, these issues have been fixed in augeas version 0.7.2-1+deb6u1