Vulnerabilities

CVE-2004-0233

by Fred · 05/05/2004

Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.

Date published : 2004-05-05

http://www.securityfocus.com/bid/10178

http://security.gentoo.org/glsa/glsa-200405-05.xml

Related

Tags: Cybersecurity Alert