First published: Tue Dec 31 2002(Updated: )
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cvsup Cvsup | =1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.