Vulnerabilities > CVE-2000-0691 - Symbolic Link Traversal vulnerability in Gert Doering Mgetty 1.1.19/1.1.20/1.1.21

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
gert-doering
exploit available
NVD
Published: 2000-10-20
Updated: 2008-09-05

Summary

The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.

Vulnerable Configurations

Part Description Count
Application
Gert_Doering
3

Exploit-Db

descriptionGert Doering mgetty 1.1.19/1.1.20/1.1.21/1.22.8 Symbolic Link Traversal. CVE-2000-0691. Local exploit for unix platform
idEDB-ID:20179
last seen2016-02-02
modified2000-08-25
published2000-08-25
reporterStan Bubrouski
sourcehttps://www.exploit-db.com/download/20179/
titleGert Doering mgetty 1.1.19/1.1.20/1.1.21/1.22.8 Symbolic Link Traversal

References