LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
References
Configurations
History
20 Nov 2024, 23:58
Type | Values Removed | Values Added |
---|---|---|
References | () http://firewall.lutel.pl/download/0.98/ChangeLog - Broken Link | |
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034424.html - Not Applicable | |
References | () http://secunia.com/advisories/15647 - Broken Link | |
References | () http://secunia.com/advisories/15665 - Broken Link | |
References | () http://security.gentoo.org/glsa/glsa-200506-10.xml - Third Party Advisory | |
References | () http://securitytracker.com/id?1014112 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/13863 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.zataz.net/adviso/lutelwall-05222005.txt - Broken Link |
26 Jan 2024, 17:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-59 | |
References | (BID) http://www.securityfocus.com/bid/13863 - Broken Link, Third Party Advisory, VDB Entry | |
References | (MISC) http://www.zataz.net/adviso/lutelwall-05222005.txt - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/15665 - Broken Link | |
References | (FULLDISC) http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034424.html - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/15647 - Broken Link | |
References | (CONFIRM) http://firewall.lutel.pl/download/0.98/ChangeLog - Broken Link | |
References | (SECTRACK) http://securitytracker.com/id?1014112 - Broken Link, Third Party Advisory, VDB Entry | |
References | (GENTOO) http://security.gentoo.org/glsa/glsa-200506-10.xml - Third Party Advisory | |
CPE | cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.92:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.91:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.93:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.97:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.94:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.95:*:*:*:*:*:*:* |
cpe:2.3:a:lutel:lutelwall:*:*:*:*:*:*:*:* |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 5.5 |
Information
Published : 2005-06-09 04:00
Updated : 2024-11-20 23:58
NVD link : CVE-2005-1879
Mitre link : CVE-2005-1879
CVE.ORG link : CVE-2005-1879
JSON object : View
Products Affected
lutel
- lutelwall
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')