Vulnerabilities > CVE-2004-0160 - Unspecified vulnerability in Synaesthesia
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN synaesthesia
nessus
Summary
Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Nessus
| NASL family | Debian Local Security Checks |
| NASL id | DEBIAN_DSA-446.NASL |
| description | Ulf Harnhammar from the Debian Security Audit Project discovered a vulnerability in synaesthesia, a program which represents sounds visually. synaesthesia created its configuration file while holding root privileges, allowing a local user to create files owned by root and writable by the user |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 15283 |
| published | 2004-09-29 |
| reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/15283 |
| title | Debian DSA-446-1 : synaesthesia - insecure file creation |