1.2

CVE-2002-0435

Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuFileutils Version4.0
GnuFileutils Version4.1
GnuFileutils Version4.1.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.254
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.2 1.9 2.9
AV:L/AC:H/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt
Patch
Vendor Advisory
http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
http://www.iss.net/security_center/static/8432.php
Patch
Vendor Advisory
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php
http://www.redhat.com/support/errata/RHSA-2003-015.html
http://www.redhat.com/support/errata/RHSA-2003-016.html
http://www.securityfocus.com/archive/1/260936
Vendor Advisory
http://www.securityfocus.com/bid/4266
Patch
Vendor Advisory