Tripwire: >> Tripwire Security Vulnerabilities
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-08-06
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-10-18
Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.
CVSS Score
2.1
EPSS Score
0.001
Published
1999-01-04