cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out.
CVSS Score
7.2
EPSS Score
0.0
Published
2002-12-31