CVE-2005-3137

Published: Oct 5, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://bugs.gentoo.org/show_bug.cgi?id=107871

x_refsource_MISC

17040

third-party-advisory

x_refsource_SECUNIA

cfengine-mulitple-file-symlink(22489)

vdb-entry

x_refsource_XF

14994

vdb-entry

x_refsource_BID

DSA-836

vendor-advisory

x_refsource_DEBIAN

USN-198-1

vendor-advisory

x_refsource_UBUNTU

DSA-835

vendor-advisory

x_refsource_DEBIAN

17182

third-party-advisory

x_refsource_SECUNIA

17037

third-party-advisory

x_refsource_SECUNIA

http://groups.google.com/group/gnu.cfengine.help/browse_thread/thread/fc25e7d98f8ba401/38151ed821803be0#38151ed821803be0

x_refsource_MISC

17142

third-party-advisory

x_refsource_SECUNIA

17038

third-party-advisory

x_refsource_SECUNIA

MDKSA-2005:184

vendor-advisory

x_refsource_MANDRIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-3137

Description

Affected Products

References