Lucene search
MitreCVE-2012-5303HistoryOct 05, 2012 - 9:55 p.m.
CVE-2012-5303
2012-10-0521:55:01
CWE-59
mitre
web.nvd.nist.gov
25
cve-2012-5303
nvd
security
symlink attack
local file overwrite
monkey http daemon
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname.
Affected configurations
Node
monkey-projectmonkeyMatch0.9.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| monkey-project | monkey | 0.9.3 | cpe:2.3:a:monkey-project:monkey:0.9.3:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2012-10-05 21:55:00
cvelist
cvelist
CVE-2012-5303
2012-10-05 21:00:00
nvd
nvd
CVE-2012-5303
2012-10-05 21:55:01
ubuntucve
ubuntucve
CVE-2012-5303
2012-10-05 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2012-5303