Vulnerability Details CVE-2002-2382
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.7%
CVSS Severity
CVSS v2 Score 7.2
References
- http://archives.neohapsis.com/archives/freebsd/2002-11/0011.html
- http://www.iss.net/security_center/static/10610.php
- http://www.securityfocus.com/bid/6150
- http://archives.neohapsis.com/archives/freebsd/2002-11/0011.html
- http://www.iss.net/security_center/static/10610.php
- http://www.securityfocus.com/bid/6150