| Vulnerability Name: | CVE-2003-0596 (CCN-12685) | ||||||||
| Assigned: | 2003-07-23 | ||||||||
| Published: | 2003-07-23 | ||||||||
| Updated: | 2016-12-08 | ||||||||
| Summary: | FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time. | ||||||||
| CVSS v3 Severity: | 5.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 3.6 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N) 2.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
2.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CONFIRM Type: UNKNOWN http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=186219 Source: MITRE Type: CNA CVE-2003-0596 Source: DEBIAN Type: DSA-352 fdclone -- insecure temporary directory Source: CCN Type: OSVDB ID: 11457 FDclone Predictable Temp Directory Name Arbitrary Data Modification Source: CCN Type: BID-8247 FDClone Local Insecure Temporary Directory Creation Vulnerability Source: XF Type: UNKNOWN fdclone-tmpdirectory-gain-access(12685) Source: DEBIAN Type: UNKNOWN DSA-352 | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||