2.1

CVE-2012-5530

The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SgiPerformance Co-pilot Version <= 3.6.9
SgiPerformance Co-pilot Version2.1.1
SgiPerformance Co-pilot Version2.1.2
SgiPerformance Co-pilot Version2.1.3
SgiPerformance Co-pilot Version2.1.4
SgiPerformance Co-pilot Version2.1.5
SgiPerformance Co-pilot Version2.1.6
SgiPerformance Co-pilot Version2.1.7
SgiPerformance Co-pilot Version2.1.8
SgiPerformance Co-pilot Version2.1.9
SgiPerformance Co-pilot Version2.1.10
SgiPerformance Co-pilot Version2.1.11
SgiPerformance Co-pilot Version2.2
SgiPerformance Co-pilot Version3.6.4
SgiPerformance Co-pilot Version3.6.5
SgiPerformance Co-pilot Version3.6.6
SgiPerformance Co-pilot Version3.6.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.37% 0.287
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html
http://www.securityfocus.com/bid/56656
https://bugzilla.novell.com/show_bug.cgi?id=782967
https://bugzilla.redhat.com/show_bug.cgi?id=875842