Vulnerabilities > CVE-2003-0202 - Local File Creation vulnerability in Brian Renaud Metrics 1.0

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
brian-renaud
nessus
NVD
Published: 2004-04-15
Updated: 2017-07-11

Summary

The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.

Vulnerable Configurations

Part Description Count
Application
Brian_Renaud
1

Nessus

NASL familyDebian Local Security Checks
NASL idDEBIAN_DSA-279.NASL
descriptionPaul Szabo and Matt Zimmerman discovered two similar problems in metrics, a tools for software metrics. Two scripts in this package,
last seen2020-06-01
modified2020-06-02
plugin id15116
published2004-09-29
reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/15116
titleDebian DSA-279-1 : metrics - insecure temporary file creation

References