CVE-2001-0125

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2001-0125
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

1.2 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 1.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html
http://marc.info/?l=bugtraq&m=97846489313059&w=2
http://marc.info/?l=bugtraq&m=97958594330100&w=2
http://www.beedub.com/exmh/symlink.html Patch Vendor Advisory
http://www.debian.org/security/2001/dsa-022
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/5829
http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html
http://marc.info/?l=bugtraq&m=97846489313059&w=2
http://marc.info/?l=bugtraq&m=97958594330100&w=2
http://www.beedub.com/exmh/symlink.html Patch Vendor Advisory
http://www.debian.org/security/2001/dsa-022
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/5829
Configurations

Configuration 1 (hide)

cpe:2.3:a:exmh:exmh:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*
History

20 Nov 2024, 23:34

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html - () http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html -
References () http://marc.info/?l=bugtraq&m=97846489313059&w=2 - () http://marc.info/?l=bugtraq&m=97846489313059&w=2 -
References () http://marc.info/?l=bugtraq&m=97958594330100&w=2 - () http://marc.info/?l=bugtraq&m=97958594330100&w=2 -
References () http://www.beedub.com/exmh/symlink.html - Patch, Vendor Advisory () http://www.beedub.com/exmh/symlink.html - Patch, Vendor Advisory
References () http://www.debian.org/security/2001/dsa-022 - () http://www.debian.org/security/2001/dsa-022 -
References () http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3 - Patch () http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/5829 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/5829 -
Information

Published : 2001-03-12 05:00

Updated : 2024-11-20 23:34

NVD link : CVE-2001-0125

Mitre link : CVE-2001-0125

CVE.ORG link : CVE-2001-0125

JSON object : View

Products Affected

mandrakesoft

  • mandrake_linux
  • mandrake_linux_corporate_server

exmh

  • exmh

debian

  • debian_linux
CWE
NVD-CWE-Other