Published: 14/11/2000 Updated: 10/10/2017

CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9

VMScore: 625

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and previous versions allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnome esound 0.2.19

source: wwwsecurityfocuscom/bid/1659/info EsounD, part of the GNOME desktop environment, is a server process allowing several applications to share the same sound hardware Versions of esound up to and including 0219 create a world-writable directory (/tmp/esd) which is also used to store a domain socket used by esound The unix dom ...

CWE-362 http://archives.neohapsis.com/archives/freebsd/2000-08/0365.html http://www.securityfocus.com/bid/1659 http://archives.neohapsis.com/archives/bugtraq/2000-09/0095.html http://archives.neohapsis.com/archives/bugtraq/2000-09/0328.htm http://www.redhat.com/support/errata/RHSA-2000-077.html http://www.debian.org/security/2000/20001008 http://archives.neohapsis.com/archives/bugtraq/2000-10/0118.html http://www.novell.com/linux/security/advisories/esound_daemon_race_condition.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5213 https://nvd.nist.gov https://www.exploit-db.com/exploits/20212/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2000-0864

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect