CVE-1999-1244 - IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on t

CVE-1999-1244

Summary

IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.

References

Vulnerable Configurations

cpe:2.3:a:darren_reed:ipfilter:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:darren_reed:ipfilter:3.2.10:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bugtraq	19990415 FSA-99.04-IPFILTER-v3.2.10
xf	ipfilter-temp-file(2087)

Last major update

19-12-2017 - 02:29

Published

15-04-1999 - 04:00

Last modified

19-12-2017 - 02:29