Vulnerability Details CVE-2001-1277
makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.2%
CVSS Severity
CVSS v2 Score 2.1
References
- http://marc.info/?l=bugtraq&m=99227597227747&w=2
- http://www.redhat.com/support/errata/RHSA-2001-072.html
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=41805
- http://marc.info/?l=bugtraq&m=99227597227747&w=2
- http://www.redhat.com/support/errata/RHSA-2001-072.html
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=41805
Products affected by CVE-2001-1277
-
cpe:2.3:a:wolfram_schneider:makewhatis:*