Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2005-1707

Published: 24/05/2005 Updated: 08/03/2011
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 465
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The fn_show_postinst function in Gentoo webapp-config prior to 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.

Vulnerable Product Search on Vulmon Subscribe to Product

gentoo linux webapp-config 1.10

Exploits

Exploit DB: Gentoo Webapp-Config 1.10 - Insecure File Creation
source: wwwsecurityfocuscom/bid/13780/info Gentoo webapp-config is prone to an insecure file creation vulnerability This issue is due to a design error that causes the application to fail to verify the existence of a file before writing to it An attacker may leverage this issue to cause arbitrary shell commands to be executed with supe ...

References

NVD-CWE-Otherhttp://www.zataz.net/adviso/webapp-config-05182005.txthttp://www.osvdb.org/16746http://securitytracker.com/id?1014027http://secunia.com/advisories/15445http://bugs.gentoo.org/show_bug.cgi?id=91785http://www.gentoo.org/security/en/glsa/glsa-200506-13.xmlhttp://www.securityfocus.com/bid/13780http://www.vupen.com/english/advisories/2005/0809https://nvd.nist.govhttps://www.exploit-db.com/exploits/25709/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519open redirectCVE-2024-21683cache poisoningCVE-2021-47524CVE-2021-47521CVE-2024-5229CVE-2021-47560local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook