Vulnerability Details CVE-2015-4155
GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) --compress, allows local users to write to arbitrary files via a symlink attack on a temporary file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.7%
CVSS Severity
CVSS v2 Score 3.6
References
- http://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
- http://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
- http://www.securityfocus.com/bid/74962
- http://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
- http://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
- http://www.securityfocus.com/bid/74962