← back
CVE-2001-1494

CVE-2001-1494

EPSS 0.4%
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/bugtraq/2001/Dec/0122.htmlhttp://seclists.org/bugtraq/2001/Dec/0123.htmlhttp://secunia.com/advisories/16785http://secunia.com/advisories/18502https://exchange.xforce.ibmcloud.com/vulnerabilities/7718https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723http://support.avaya.com/elmodocs2/security/ASA-2006-014.htmhttp://www.redhat.com/support/errata/RHSA-2005-782.htmlhttp://www.securityfocus.com/bid/16280