Vulnerabilities > CVE-2005-3268 - Unspecified vulnerability in Raphael Bossek Yiff Server 2.14.2.7

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
raphael-bossek

Summary

yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files.

Vulnerable Configurations

Part Description Count
Application
Raphael_Bossek
1