Vulnerability Details CVE-2005-3341
DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.5%
CVSS Severity
CVSS v2 Score 2.1
References
- http://secunia.com/advisories/18227
- http://secunia.com/advisories/18228
- http://www.debian.org/security/2005/dsa-928
- http://www.osvdb.org/21934
- http://www.osvdb.org/21935
- http://www.securityfocus.com/bid/16065
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23859
- http://secunia.com/advisories/18227
- http://secunia.com/advisories/18228
- http://www.debian.org/security/2005/dsa-928
- http://www.osvdb.org/21934
- http://www.osvdb.org/21935
- http://www.securityfocus.com/bid/16065
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23859
Products affected by CVE-2005-3341
-
cpe:2.3:a:dhis_tools:dns_package:*