2.1
CVE-2005-4536
- EPSS 0.35%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:18:58
- Quelle security@debian.org
- CVE-Watchlists
- Unerledigt
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Libmail-audit-perl Version2.1-5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.27 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:P/A:N
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344029
http://secunia.com/advisories/18652
http://secunia.com/advisories/18656
http://www.debian.org/security/2006/dsa-960
http://www.securityfocus.com/bid/16434
http://www.vupen.com/english/advisories/2006/0378
https://exchange.xforce.ibmcloud.com/vulnerabilities/24380