LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
References
Link | Resource |
---|---|
http://firewall.lutel.pl/download/0.98/ChangeLog | Broken Link |
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034424.html | Not Applicable |
http://secunia.com/advisories/15647 | Broken Link |
http://secunia.com/advisories/15665 | Broken Link |
http://security.gentoo.org/glsa/glsa-200506-10.xml | Third Party Advisory |
http://securitytracker.com/id?1014112 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/13863 | Broken Link Third Party Advisory VDB Entry |
http://www.zataz.net/adviso/lutelwall-05222005.txt | Broken Link |
Configurations
History
26 Jan 2024, 17:01
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.94:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.95:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.93:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.91:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.97:*:*:*:*:*:*:* cpe:2.3:a:tomasz_lutelmowski:lutelwall:0.96:*:*:*:*:*:*:* |
cpe:2.3:a:lutel:lutelwall:*:*:*:*:*:*:*:* |
References | () http://firewall.lutel.pl/download/0.98/ChangeLog - Broken Link | |
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034424.html - Not Applicable | |
References | () http://secunia.com/advisories/15647 - Broken Link | |
References | () http://secunia.com/advisories/15665 - Broken Link | |
References | () http://security.gentoo.org/glsa/glsa-200506-10.xml - Third Party Advisory | |
References | () http://securitytracker.com/id?1014112 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/13863 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.zataz.net/adviso/lutelwall-05222005.txt - Broken Link | |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 5.5 |
CWE | CWE-59 | |
First Time |
Lutel lutelwall
Lutel |
Information
Published : 2005-06-09 04:00
Updated : 2024-01-26 17:01
NVD link : CVE-2005-1879
Mitre link : CVE-2005-1879
CVE.ORG link : CVE-2005-1879
JSON object : View
Products Affected
lutel
- lutelwall
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')