Vulnerabilities > CVE-2003-0606

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

nessus

NVD

Published: 2003-08-27

Updated: 2008-09-10

Summary

sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.

Part	Description	Count
Application	Cvsup Cvsup Cvsup Mirror 1.2	1
Application	Sup SUP SUP 1.8	1

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-353.NASL
description	sup, a package used to maintain collections of files in identical versions across machines, fails to take appropriate security precautions when creating temporary files. A local attacker could exploit this vulnerability to overwrite arbitrary files with the privileges of the user running sup.
last seen	2020-06-01
modified	2020-06-02
plugin id	15190
published	2004-09-29
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15190
title	Debian DSA-353-1 : sup - insecure temporary file