CVE-2002-0137

CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file...

CVE-2002-0137

CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file...

CVE-2002-0137

CVE-2002-0137 affects CDRDAO 1.1.4 and 1.1.5, where a local user can exploit a symlink to overwrite the user’s ~/.cdrdao configuration file and potentially escalate. The Mandrake advisory (MDKSA-2005:089) notes a second vulnerability (read arbitrary files) and confirms that the packages have been...