Lucene search
HistoryMay 02, 2005 - 4:00 a.m.
CVE-2005-0866
cdrecord
debug mode
vulnerability
local file overwrite
symlink attack
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Affected configurations
Node
cdrtoolscdrecordRange≤2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| cdrtools:cdrecord | cdrtools cdrecord | le | 2.0 |
Related
nvd
nvd
CVE-2005-0866
2005-05-02 04:00:00
cvelist
cvelist
CVE-2005-0866
2005-03-26 05:00:00
nessus
nessus
Mandrake Linux Security Advisory : cdrecord (MDKSA-2005:077)
2005-04-21 00:00:00
ubuntucve
ubuntucve
CVE-2005-0866
2005-05-02 00:00:00
oraclelinux
oraclelinux
Moderate: pam security and bug fix update
2007-06-20 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2005-0866