CVE-2001-0139

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

Score1.2
Access VectorLOCAL
Access ComplexityHIGH
AuthenticationNONE
Confidentiality ImpactNONE
Integrity ImpactPARTIAL
Availability ImpactNONE
Published2001-03-12 12:00:00.000-05
Last Modified2017-10-09 09:29:36.000-04

Vulnerable Software List

VendorProductVersions
Immunix Immunix 7.0 beta
Debian Debian Linux 2.2, 2.2::68k, 2.2::alpha, 2.2::arm, 2.2::sparc
Caldera Openlinux Edesktop 2.4
Caldera Openlinux Eserver 2.3
Caldera Openlinux Desktop 2.3
Redhat Linux 7.0
Mandrakesoft Mandrake Linux 6.0, 6.1, 7.0, 7.1, 7.2

References

SourceLink
BUGTRAQ20010110 Immunix OS Security update for lots of temp file problems
CALDERACSSA-2001-001.0
MANDRAKEMDKSA-2001:010
BID2190
XFlinux-inn-symlink(5916)