6.2
CVE-2002-0211
- EPSS 0.89%
- Veröffentlicht 16.05.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tarantella ≫ Tarantella Enterprise Version3.3.0
Tarantella ≫ Tarantella Enterprise Version3.3.0.1
Tarantella ≫ Tarantella Enterprise Version3.3.10
Tarantella ≫ Tarantella Enterprise Version3.3.11
Tarantella ≫ Tarantella Enterprise Version3.3.20
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.89% | 0.545 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.2 | 1.9 | 10 |
AV:L/AC:H/Au:N/C:C/I:C/A:C
|
http://marc.info/?l=bugtraq&m=101208650722179&w=2
http://online.securityfocus.com/archive/1/265845
http://www.iss.net/security_center/static/7996.php
http://www.securityfocus.com/bid/3966
http://www.tarantella.com/security/bulletin-04.html