Lucene search

MitreCVE-2001-0946

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2001-0946

2002-06-2504:00:00

mitre

web.nvd.nist.gov

cve-2001-0946

red hat 7.2

apmscript

denial of service

symlink attack

nvd

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

Percentile

5.1%

JSON

apmscript in Apmd in Red Hat 7.2 “Enigma” allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins.

Affected configurations

Nvd

Node

redhatlinuxMatch7.2

VendorProductVersionCPE
redhatlinux7.2cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	linux	7.2	cpe:2.3:o:redhat:linux:7.2:::::::*

References

marc.info/?l=bugtraq&m=100743394701962&w=2

www.osvdb.org/5493

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56389

exchange.xforce.ibmcloud.com/vulnerabilities/8268

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0946