Vulnerabilities > CVE-2002-0211 - Unspecified vulnerability in Tarantella Enterprise
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN tarantella
exploit available
Summary
Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Exploit-Db
| description | Tarantella Enterprise 3 gunzip Race Condition Vulnerability. CVE-2002-0211. Local exploit for unix platform |
| id | EDB-ID:21244 |
| last seen | 2016-02-02 |
| modified | 2002-02-08 |
| published | 2002-02-08 |
| reporter | Larry Cashdollar |
| source | https://www.exploit-db.com/download/21244/ |
| title | Tarantella Enterprise 3 gunzip Race Condition Vulnerability |
References
- http://marc.info/?l=bugtraq&m=101208650722179&w=2
- http://marc.info/?l=bugtraq&m=101208650722179&w=2
- http://online.securityfocus.com/archive/1/265845
- http://online.securityfocus.com/archive/1/265845
- http://www.iss.net/security_center/static/7996.php
- http://www.iss.net/security_center/static/7996.php
- http://www.securityfocus.com/bid/3966
- http://www.securityfocus.com/bid/3966
- http://www.tarantella.com/security/bulletin-04.html
- http://www.tarantella.com/security/bulletin-04.html