Published: 12/03/2001 Updated: 10/10/2017

CVSS v2 Base Score: 1.2 | Impact Score: 2.9 | Exploitability Score: 1.9

VMScore: 107

Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N

squid 2.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack in some configurations.

Vulnerable Product	Search on Vulmon	Subscribe to Product
immunix immunix 7.0_beta
national science foundation squid web proxy 2.3_stable4
mandrakesoft mandrake linux 7.2
redhat linux 7.0
mandrakesoft mandrake linux 6.0
mandrakesoft mandrake linux 6.1
trustix secure linux 1.1
trustix secure linux 1.2
mandrakesoft mandrake linux 7.0
mandrakesoft mandrake linux 7.1

WireX discovered a potential temporary file race condition in the way that squid sends out email messages notifying the administrator about updating the program This could lead to arbitrary files to get overwritten However the code would only be executed if running a very bleeding edge release of squid, running a server whose time is set some num ...

NVD-CWE-Other http://www.securityfocus.com/bid/2184 http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3 http://www.debian.org/security/2001/dsa-019 http://marc.info/?l=bugtraq&m=97916374410647&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/5921 https://nvd.nist.gov https://www.debian.org/security/./dsa-019

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-0142

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect