fkie_nvd - fkie_cve-2005-2672

fkie_cve-2005-2672

Vulnerability from fkie_nvd

Published

2005-08-23 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file.

References

▼	URL	Tags
	cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324193
	cve@mitre.org	http://secunia.com/advisories/16501
	cve@mitre.org	http://secunia.com/advisories/17499
	cve@mitre.org	http://secunia.com/advisories/17535
	cve@mitre.org	http://secure.netroedge.com/~lm78/cvs/lm_sensors2/CHANGES
	cve@mitre.org	http://securitytracker.com/id?1015180
	cve@mitre.org	http://www.debian.org/security/2005/dsa-814
	cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:149
	cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-825.html
	cve@mitre.org	http://www.securityfocus.com/bid/14624
	cve@mitre.org	http://www.vupen.com/english/advisories/2005/1492
	cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9993
	cve@mitre.org	https://usn.ubuntu.com/172-1/
	af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324193
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/16501
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17499
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17535
	af854a3a-2127-422b-91ae-364da2661108	http://secure.netroedge.com/~lm78/cvs/lm_sensors2/CHANGES
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015180
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-814
	af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:149
	af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-825.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/14624
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/1492
	af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9993
	af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/172-1/

Impacted products

Vendor	Product	Version
lm_sensors	lm_sensors	2.0.0
lm_sensors	lm_sensors	2.0.1
lm_sensors	lm_sensors	2.0.2
lm_sensors	lm_sensors	2.1.0
lm_sensors	lm_sensors	2.1.1
lm_sensors	lm_sensors	2.1.2
lm_sensors	lm_sensors	2.2.0
lm_sensors	lm_sensors	2.2.1
lm_sensors	lm_sensors	2.2.2
lm_sensors	lm_sensors	2.3.0
lm_sensors	lm_sensors	2.3.1
lm_sensors	lm_sensors	2.3.2
lm_sensors	lm_sensors	2.3.3
lm_sensors	lm_sensors	2.3.4
lm_sensors	lm_sensors	2.4.0
lm_sensors	lm_sensors	2.4.4
lm_sensors	lm_sensors	2.4.5
lm_sensors	lm_sensors	2.5.0
lm_sensors	lm_sensors	2.5.1
lm_sensors	lm_sensors	2.5.2
lm_sensors	lm_sensors	2.5.3
lm_sensors	lm_sensors	2.5.4
lm_sensors	lm_sensors	2.5.5
lm_sensors	lm_sensors	2.6.0
lm_sensors	lm_sensors	2.6.1
lm_sensors	lm_sensors	2.6.2
lm_sensors	lm_sensors	2.6.3
lm_sensors	lm_sensors	2.6.4
lm_sensors	lm_sensors	2.6.5
lm_sensors	lm_sensors	2.7.0
lm_sensors	lm_sensors	2.8.0
lm_sensors	lm_sensors	2.8.1
lm_sensors	lm_sensors	2.8.2
lm_sensors	lm_sensors	2.8.3
lm_sensors	lm_sensors	2.8.4
lm_sensors	lm_sensors	2.8.5
lm_sensors	lm_sensors	2.8.6
lm_sensors	lm_sensors	2.8.7
lm_sensors	lm_sensors	2.8.8
lm_sensors	lm_sensors	2.9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7022ABA4-523E-4416-A601-9E3AAB3A0316",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "830356D2-5389-4960-8E4A-A6E76C4174C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBE9AD6-8F09-4D59-8308-149400E124ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94CA80C3-E527-4389-A011-7AE16C93A272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "673F66B0-3C25-4128-9916-B7BCC58B72F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FDEA8EE-ECF5-4AA5-919B-0F4FCBA76DF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0366C9C6-1113-4DB7-9B9C-F322090518BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD0BDE5-DDED-4558-B8AE-076C1C6FAF59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFEB6CF7-17DE-4375-B865-99ACAA94862A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "048D63F2-FF53-46A5-8C7A-B303493DDF64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC0A70A0-0A7C-4049-836F-54BEC6ABEA0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC338AB-CA3E-4EB1-81B4-7611EFC5EB12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F45928F-C0C3-4AE4-B5A7-00B0BC810D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC27691-32AB-4F7C-9578-B1B8505B1D26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96446EA9-55A7-42AA-95D6-7990D2C5591F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AA5CFC2-87D3-4791-8ADE-D9E6AEA91675",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA5EB26-218E-4D51-8A04-63521EBF19FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB74ADC3-C840-46DC-AAB2-2C559C167056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "286A3AB7-2448-4658-A73B-8FF6DB3452EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "946C4E11-C3D5-4148-A8A0-3CBD599C4C82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8A8D40-5A2A-440F-878C-F2E7827ACDF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C182A4F0-6EC9-40AD-8055-5336E81F3D8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D03522F-2ABF-4FB1-AAE9-22245E4104EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288B484B-8686-40E6-A2A0-1936A06AB46E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "893D901C-B093-4754-8CE0-F264BD595FDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0494E909-7125-40EC-B522-012A515C8802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C66C89EE-3A5B-4A49-AD8B-C0A3842262C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD5DB74-EAB5-40EF-88EC-E779872DCFC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9DD54B-6138-4FB3-950A-75944A356645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E63031-6E13-43A8-8668-91DF1524F2AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4C0B81E-C9C2-429C-9864-392904EA84F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B788580A-7ABD-4535-97C2-61092F5C77FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB36613C-0D0A-4695-A392-DFC0A9459D99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D21B37A6-354A-47CA-8849-DA14C34C5C74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5645DEA-2C2D-4748-915B-2B99D7C9DDBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1A57CA-66C4-425F-AED2-739D2C1D40B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "775FDB7D-C397-4E92-B71E-439BF37BB88D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D25E827-906D-4911-BF53-67DCB8FBD0AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CCED5C6-E00A-4C43-B731-A9C3A2BDC4FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lm_sensors:lm_sensors:2.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CE53B8-C121-4B83-B506-2410EFCAA986",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file."
    }
  ],
  "id": "CVE-2005-2672",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-08-23T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324193"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/16501"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17499"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17535"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secure.netroedge.com/~lm78/cvs/lm_sensors2/CHANGES"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015180"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-814"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:149"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-825.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/14624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/1492"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9993"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/172-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secure.netroedge.com/~lm78/cvs/lm_sensors2/CHANGES"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-825.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/1492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/172-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2005-2672 (GCVE-0-2005-2672)

Vulnerability from cvelistv5