Published: 26/07/2002 Updated: 05/09/2008

CVSS v2 Base Score: 1.2 | Impact Score: 2.9 | Exploitability Score: 1.9

VMScore: 107

Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N

Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and previous versions allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu fileutils 4.0
gnu fileutils 4.1.6
gnu fileutils 4.1

NVD-CWE-Other http://www.securityfocus.com/archive/1/260936 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt http://www.iss.net/security_center/static/8432.php http://www.securityfocus.com/bid/4266 http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html http://www.redhat.com/support/errata/RHSA-2003-015.html http://www.redhat.com/support/errata/RHSA-2003-016.html http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0435

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect