ID CVE-2002-0044
Summary GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:enscript:-:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:-:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
CVSS
Base: 3.6 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:N
redhat via4
advisories
rhsa
id RHSA-2002:012
refmap via4
bid 3920
debian DSA-105
hp HPSBTL0201-019
mandrake MDKSA-2002:010
xf gnu-enscript-tmpfile-symlink(7932)
Last major update 10-10-2017 - 01:30
Published 31-01-2002 - 05:00
Last modified 10-10-2017 - 01:30
Back to Top