Vulnerabilities > CVE-2002-2323 - Improper Preservation of Permissions vulnerability in SUN Solaris PC Netlink 1.0/1.1/1.2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sun

CWE-281

NVD

Published: 2002-12-31

Updated: 2024-01-25

Summary

Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN Solaris PC Netlink 1.0 SUN Solaris PC Netlink 1.1 SUN Solaris PC Netlink 1.2	3

Common Weakness Enumeration (CWE)

CWE-281 - Improper Preservation of Permissions

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-27807-1
http://www.securityfocus.com/bid/5281
http://www.iss.net/security_center/static/9665.php