- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200404-04 (Multiple vulnerabilities in sysstat)
There are two vulnerabilities in the way sysstat handles symlinks:
The isag utility, which displays sysstat data in a graphical format, creates a temporary file in an insecure manner.
Two scripts in the sysstat package, post and trigger, create temporary files in an insecure manner.
Impact :
Both vulnerabilities may allow an attacker to overwrite arbitrary files under the permissions of the user executing any of the affected utilities.
Workaround :
A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top