CVE-2015-4156

GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows local users to write to arbitrary files via a symlink attack on a temporary file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:gnu:parallel:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-06-02 14:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-4156

Mitre link : CVE-2015-4156

CVE.ORG link : CVE-2015-4156


JSON object : View

Products Affected

gnu

  • parallel

opensuse

  • opensuse
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')