Lucene search

[email protected]CVE-2001-0823

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0823

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0823

performance co-pilot

pcp

pmpost

privilege escalation

symlink attack.

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).

Affected configurations

NVD

Node

sgiperformance_co-pilotMatch2.1.1

sgiperformance_co-pilotMatch2.1.2

sgiperformance_co-pilotMatch2.1.3

sgiperformance_co-pilotMatch2.1.4

sgiperformance_co-pilotMatch2.1.5

sgiperformance_co-pilotMatch2.1.6

sgiperformance_co-pilotMatch2.1.7

sgiperformance_co-pilotMatch2.1.8

sgiperformance_co-pilotMatch2.1.9

sgiperformance_co-pilotMatch2.1.10

sgiperformance_co-pilotMatch2.1.11

sgiperformance_co-pilotMatch2.2

CPENameOperatorVersion
sgi:performance_co-pilotsgi performance co-piloteq2.1.1
sgi:performance_co-pilotsgi performance co-piloteq2.1.2
sgi:performance_co-pilotsgi performance co-piloteq2.1.3
sgi:performance_co-pilotsgi performance co-piloteq2.1.4
sgi:performance_co-pilotsgi performance co-piloteq2.1.5
sgi:performance_co-pilotsgi performance co-piloteq2.1.6
sgi:performance_co-pilotsgi performance co-piloteq2.1.7
sgi:performance_co-pilotsgi performance co-piloteq2.1.8
sgi:performance_co-pilotsgi performance co-piloteq2.1.9
sgi:performance_co-pilotsgi performance co-piloteq2.1.10

CPE	Name	Operator	Version
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.1
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.2
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.3
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.4
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.5
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.6
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.7
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.8
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.9
sgi:performance_co-pilot	sgi performance co-pilot	eq	2.1.10

Rows per page:

1-10 of 121

References

ftp://patches.sgi.com/support/free/security/advisories/20010601-01-A

archives.neohapsis.com/archives/bugtraq/2001-06/0245.html

marc.info/?l=bugtraq&m=99290754901708&w=2

www.securityfocus.com/bid/2887

exchange.xforce.ibmcloud.com/vulnerabilities/6724

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2001-0823

securityvulns1 nvd1 cvelist1