Vulnerabilities > CVE-2002-0211 - Unspecified vulnerability in Tarantella Enterprise

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

tarantella

exploit available

NVD

Published: 2002-05-16

Updated: 2024-02-14

Summary

Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.

Vulnerable Configurations

Part	Description	Count
Application	Tarantella Tarantella Tarantella Enterprise 3.3.10 Tarantella Tarantella Enterprise 3.3.11 Tarantella Tarantella Enterprise 3.3.20 Tarantella Tarantella Enterprise 3.3.0.1 Tarantella Tarantella Enterprise 3.3.0	5

Exploit-Db

description	Tarantella Enterprise 3 gunzip Race Condition Vulnerability. CVE-2002-0211. Local exploit for unix platform
id	EDB-ID:21244
last seen	2016-02-02
modified	2002-02-08
published	2002-02-08
reporter	Larry Cashdollar
source	https://www.exploit-db.com/download/21244/
title	Tarantella Enterprise 3 gunzip Race Condition Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References