CVE-2001-0416
First published: Wed Jun 27 2001(Updated: )
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ethtool | =1.0.9.15 | |
| CentOS Dos2unix | =6.2 | |
| CentOS Dos2unix | =7.0 | |
| CentOS Dos2unix | =7.0_beta | |
| Mandrake Linux | =6.0 | |
| Mandrake Linux | =6.1 | |
| Mandrake Linux | =7.1 | |
| Mandrake Linux | =7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.debian.org/security/2001/dsa-038
- http://www.redhat.com/support/errata/RHSA-2001-027.html
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000390
- http://www.novell.com/linux/security/advisories/2001_016_sgmltool_txt.html
- http://www.securityfocus.com/bid/2683
- http://www.securityfocus.com/bid/2506
- http://marc.info/?l=bugtraq&m=98477491130367&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6201
Frequently Asked Questions
What is the severity of CVE-2001-0416?
CVE-2001-0416 is classified as a medium severity vulnerability due to its potential to allow unauthorized access to sensitive files.
How do I fix CVE-2001-0416?
To fix CVE-2001-0416, update sgml-tools to version 1.0.9-15 or later to ensure secure file permissions.
What software is affected by CVE-2001-0416?
CVE-2001-0416 affects sgml-tools versions prior to 1.0.9-15 across several Linux distributions including Debian and Mandrake Linux.
What is the impact of CVE-2001-0416?
The impact of CVE-2001-0416 is that it allows other users to read temporary files created by sgml-tools, potentially exposing sensitive information.
Is CVE-2001-0416 still a threat today?
CVE-2001-0416 may not be a significant threat in modern environments with updated software, but systems running vulnerable versions remain at risk.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/weakness
- agent/author
- agent/references
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/debian
- canonical/ethtool
- version/ethtool/1.0.9.15
- vendor/immunix
- canonical/centos dos2unix
- version/centos dos2unix/6.2
- version/centos dos2unix/7.0
- version/centos dos2unix/7.0_beta
- vendor/mandrakesoft
- canonical/mandrake linux
- version/mandrake linux/6.0
- version/mandrake linux/6.1
- version/mandrake linux/7.1
- version/mandrake linux/7.2