Lucene search

[email protected]CVE-2006-0512

HistoryFeb 02, 2006 - 11:02 a.m.

CVE-2006-0512

2006-02-0211:02:00

[email protected]

web.nvd.nist.gov

cve-2006-0512

padl migrationtools

temporary files

symlink attack

security vulnerability

local users

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh.

Affected configurations

NVD

Node

padl_softwaremigrationtoolsMatch46

CPENameOperatorVersion
padl_software:migrationtoolspadl software migrationtoolseq46

CPE	Name	Operator	Version
padl_software:migrationtools	padl software migrationtools	eq	46

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=338920

secunia.com/advisories/22243

www.vupen.com/english/advisories/2005/2427

www.debian.org/security/2006/dsa-1187

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2006-0512

nessus1 cvelist1 debian1 openvas2 ubuntucve1 debiancve1 prion1 nvd1 securityvulns1 osv1