Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2004-0996

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-01 Dec, 2004 | 05:00
Updated At-08 Aug, 2024 | 00:39
Rejected At-
Credits

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:01 Dec, 2004 | 05:00
Updated At:08 Aug, 2024 | 00:39
Rejected At:
▼CVE Numbering Authority (CNA)

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/18125
vdb-entry
x_refsource_XF
http://www.vupen.com/english/advisories/2007/2732
vdb-entry
x_refsource_VUPEN
http://www.securityfocus.com/archive/1/381611
mailing-list
x_refsource_BUGTRAQ
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
vendor-advisory
x_refsource_APPLE
http://www.securityfocus.com/archive/1/381443
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/11697
vdb-entry
x_refsource_BID
http://www.debian.org/security/2004/dsa-610
vendor-advisory
x_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=110133485519690&w=2
mailing-list
x_refsource_BUGTRAQ
http://docs.info.apple.com/article.html?artnum=306172
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/381506
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/25159
vdb-entry
x_refsource_BID
http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/26235
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18125
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.vupen.com/english/advisories/2007/2732
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.securityfocus.com/archive/1/381611
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.securityfocus.com/archive/1/381443
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/11697
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.debian.org/security/2004/dsa-610
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://marc.info/?l=bugtraq&m=110133485519690&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://docs.info.apple.com/article.html?artnum=306172
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/381506
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/25159
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/26235
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/18125
vdb-entry
x_refsource_XF
x_transferred
http://www.vupen.com/english/advisories/2007/2732
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.securityfocus.com/archive/1/381611
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.securityfocus.com/archive/1/381443
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/11697
vdb-entry
x_refsource_BID
x_transferred
http://www.debian.org/security/2004/dsa-610
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://marc.info/?l=bugtraq&m=110133485519690&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://docs.info.apple.com/article.html?artnum=306172
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/381506
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/25159
vdb-entry
x_refsource_BID
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/26235
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18125
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2732
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/381611
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/381443
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/11697
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.debian.org/security/2004/dsa-610
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=110133485519690&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=306172
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/381506
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/25159
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/26235
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:10 Jan, 2005 | 05:00
Updated At:03 Apr, 2025 | 01:03

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N
CPE Matches
cscope
cscope
>>cscope>>13.0
cpe:2.3:a:cscope:cscope:13.0:*:*:*:*:*:*:*
cscope
cscope
>>cscope>>15.1
cpe:2.3:a:cscope:cscope:15.1:*:*:*:*:*:*:*
cscope
cscope
>>cscope>>15.3
cpe:2.3:a:cscope:cscope:15.3:*:*:*:*:*:*:*
cscope
cscope
>>cscope>>15.4
cpe:2.3:a:cscope:cscope:15.4:*:*:*:*:*:*:*
cscope
cscope
>>cscope>>15.5
cpe:2.3:a:cscope:cscope:15.5:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.0
cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*
Gentoo Foundation, Inc.
gentoo
>>linux>>*
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
sco
sco
>>unixware>>7.1.1
cpe:2.3:o:sco:unixware:7.1.1:*:*:*:*:*:*:*
sco
sco
>>unixware>>7.1.3
cpe:2.3:o:sco:unixware:7.1.3:*:*:*:*:*:*:*
sco
sco
>>unixware>>7.1.4
cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2009-04-09T00:00:00

Not vulnerable. cscope packages shipped with Red Hat Enterprise Linux 3, 4, and 5 contain a backported patch since their first release.

References
HyperlinkSourceResource
http://docs.info.apple.com/article.html?artnum=306172cve@mitre.org
N/A
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlcve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=110133485519690&w=2cve@mitre.org
N/A
http://secunia.com/advisories/26235cve@mitre.org
N/A
http://www.debian.org/security/2004/dsa-610cve@mitre.org
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200412-11.xmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/381443cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/381506cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/381611cve@mitre.org
N/A
http://www.securityfocus.com/bid/11697cve@mitre.org
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/25159cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/2732cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/18125cve@mitre.org
N/A
http://docs.info.apple.com/article.html?artnum=306172af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=110133485519690&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/26235af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2004/dsa-610af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200412-11.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/381443af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/381506af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/381611af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/11697af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/25159af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/2732af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/18125af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://docs.info.apple.com/article.html?artnum=306172
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=110133485519690&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/26235
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2004/dsa-610
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/381443
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/381506
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/381611
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/11697
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/25159
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2732
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18125
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://docs.info.apple.com/article.html?artnum=306172
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=110133485519690&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/26235
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2004/dsa-610
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/381443
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/381506
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/381611
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/11697
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/25159
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2732
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18125
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

57Records found
CVE-2019-17052
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.08% / 24.71%
||
7 Day CHG~0.00%
Published-01 Oct, 2019 | 13:11
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelfedoran/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-13762
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-3.3||LOW
EPSS-0.03% / 7.23%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 21:01
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Debian GNU/LinuxFedora ProjectMicrosoft Corporation
Product-enterprise_linux_serverenterprise_linux_for_scientific_computingdebian_linuxchromeenterprise_linux_workstationfedorawindowsenterprise_linux_desktopChrome
CWE ID-CWE-667
Improper Locking
CVE-2004-0770
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.06% / 20.12%
||
7 Day CHG~0.00%
Published-08 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.

Action-Not Available
Vendor-dgenn/aDebian GNU/Linux
Product-emulatordebian_linuxn/a
CVE-2004-0972
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.08% / 24.29%
||
7 Day CHG~0.00%
Published-20 Oct, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Action-Not Available
Vendor-lvmn/aGentoo Foundation, Inc.
Product-linuxlogical_volume_management_utilitiesn/a
CVE-2005-1152
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-2.1||LOW
EPSS-0.07% / 21.87%
||
7 Day CHG~0.00%
Published-25 May, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-qpoppern/a
CVE-2017-1000369
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-0.40% / 59.86%
||
7 Day CHG+0.11%
Published-19 Jun, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

Action-Not Available
Vendor-n/aEximDebian GNU/Linux
Product-debian_linuxeximn/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2016-2057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.10% / 28.11%
||
7 Day CHG~0.00%
Published-13 Apr, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue.

Action-Not Available
Vendor-xymonn/aDebian GNU/Linux
Product-debian_linuxxymonn/a
  • Previous
  • 1
  • 2
  • Next
Details not found