Lucene search
MitreCVE-2001-1378HistoryApr 02, 2003 - 5:00 a.m.
CVE-2001-1378
2003-04-0205:00:00
CWE-59
mitre
web.nvd.nist.gov
19
cve-2001-1378
nvd
fetchmail
5.7.4
file overwrite
symlink attack
temporary files
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
Affected configurations
Node
fetchmailfetchmailRange≤5.7.2
ORfetchmailfetchmailMatch4.5.1
ORfetchmailfetchmailMatch4.5.2
ORfetchmailfetchmailMatch4.5.3
ORfetchmailfetchmailMatch4.5.4
ORfetchmailfetchmailMatch4.5.5
ORfetchmailfetchmailMatch4.5.6
ORfetchmailfetchmailMatch4.5.7
ORfetchmailfetchmailMatch4.5.8
ORfetchmailfetchmailMatch4.6.0
ORfetchmailfetchmailMatch4.6.1
ORfetchmailfetchmailMatch4.6.2
ORfetchmailfetchmailMatch4.6.3
ORfetchmailfetchmailMatch4.6.4
ORfetchmailfetchmailMatch4.6.5
ORfetchmailfetchmailMatch4.6.6
ORfetchmailfetchmailMatch4.6.7
ORfetchmailfetchmailMatch4.6.8
ORfetchmailfetchmailMatch4.6.9
ORfetchmailfetchmailMatch4.7.0
ORfetchmailfetchmailMatch4.7.1
ORfetchmailfetchmailMatch4.7.2
ORfetchmailfetchmailMatch4.7.3
ORfetchmailfetchmailMatch4.7.4
ORfetchmailfetchmailMatch4.7.5
ORfetchmailfetchmailMatch4.7.6
ORfetchmailfetchmailMatch4.7.7
ORfetchmailfetchmailMatch5.0.0
ORfetchmailfetchmailMatch5.0.1
ORfetchmailfetchmailMatch5.0.2
ORfetchmailfetchmailMatch5.0.3
ORfetchmailfetchmailMatch5.0.4
ORfetchmailfetchmailMatch5.0.5
ORfetchmailfetchmailMatch5.0.6
ORfetchmailfetchmailMatch5.0.7
ORfetchmailfetchmailMatch5.0.8
ORfetchmailfetchmailMatch5.1.0
ORfetchmailfetchmailMatch5.1.4
ORfetchmailfetchmailMatch5.2.0
ORfetchmailfetchmailMatch5.2.1
ORfetchmailfetchmailMatch5.2.3
ORfetchmailfetchmailMatch5.2.4
ORfetchmailfetchmailMatch5.2.7
ORfetchmailfetchmailMatch5.2.8
ORfetchmailfetchmailMatch5.3.0
ORfetchmailfetchmailMatch5.3.1
ORfetchmailfetchmailMatch5.3.3
ORfetchmailfetchmailMatch5.3.8
ORfetchmailfetchmailMatch5.4.0
ORfetchmailfetchmailMatch5.4.3
ORfetchmailfetchmailMatch5.4.4
ORfetchmailfetchmailMatch5.4.5
ORfetchmailfetchmailMatch5.5.0
ORfetchmailfetchmailMatch5.5.2
ORfetchmailfetchmailMatch5.5.3
ORfetchmailfetchmailMatch5.5.5
ORfetchmailfetchmailMatch5.5.6
ORfetchmailfetchmailMatch5.6.0
ORfetchmailfetchmailMatch5.7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fetchmail | fetchmail | * | cpe:2.3:a:fetchmail:fetchmail:*:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.1 | cpe:2.3:a:fetchmail:fetchmail:4.5.1:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.2 | cpe:2.3:a:fetchmail:fetchmail:4.5.2:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.3 | cpe:2.3:a:fetchmail:fetchmail:4.5.3:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.4 | cpe:2.3:a:fetchmail:fetchmail:4.5.4:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.5 | cpe:2.3:a:fetchmail:fetchmail:4.5.5:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.6 | cpe:2.3:a:fetchmail:fetchmail:4.5.6:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.7 | cpe:2.3:a:fetchmail:fetchmail:4.5.7:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.5.8 | cpe:2.3:a:fetchmail:fetchmail:4.5.8:*:*:*:*:*:*:* |
| fetchmail | fetchmail | 4.6.0 | cpe:2.3:a:fetchmail:fetchmail:4.6.0:*:*:*:*:*:*:* |
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2001-1378