[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-0054Date: (C)2012-03-19   (M)2023-12-22


libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.3
Exploit Score: 3.4
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
OSVDB-78472
http://www.openwall.com/lists/oss-security/2012/01/17/7
http://www.openwall.com/lists/oss-security/2012/01/17/10
http://code.google.com/p/golismero/source/detail?r=2b3bb43d68676efd687361f7de29380189031ab8

CWE    1
CWE-59

© SecPod Technologies