CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0435

Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.3%

CVSS Severity

CVSS v2 Score 1.2

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt
http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
http://www.iss.net/security_center/static/8432.php
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php
http://www.redhat.com/support/errata/RHSA-2003-015.html
http://www.redhat.com/support/errata/RHSA-2003-016.html
http://www.securityfocus.com/archive/1/260936
http://www.securityfocus.com/bid/4266
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt
http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
http://www.iss.net/security_center/static/8432.php
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php
http://www.redhat.com/support/errata/RHSA-2003-015.html
http://www.redhat.com/support/errata/RHSA-2003-016.html
http://www.securityfocus.com/archive/1/260936
http://www.securityfocus.com/bid/4266

Products affected by CVE-2002-0435

Gnu » Fileutils » Version: 4.0

cpe:2.3:a:gnu:fileutils:4.0
Gnu » Fileutils » Version: 4.1

cpe:2.3:a:gnu:fileutils:4.1
Gnu » Fileutils » Version: 4.1.6

cpe:2.3:a:gnu:fileutils:4.1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0435

Products

Pricing

Contact Us