CVE-2001-1494
Published Dec 31, 2001
Last updated 10 months ago
Overview
- Description
- script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-59
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A58DA98E-6F4E-4B84-B04A-0F9630FD91E2",
"versionEndExcluding": "2.11n"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:cvlan:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FE82341-3E73-4F5B-BD9E-06C83F22E831"
},
{
"criteria": "cpe:2.3:a:avaya:integrated_management_suit:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6055A272-7156-4E26-8250-EC067C5B1864"
},
{
"criteria": "cpe:2.3:a:avaya:interactive_response:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EE68944-C31D-4B49-BC8F-07944E0E82AA"
},
{
"criteria": "cpe:2.3:a:avaya:intuity_lx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1169C59-054C-4EFB-B549-C0AB97F2DF42"
},
{
"criteria": "cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D8F6982-2F4D-4D78-92C1-97689D59F3A5"
},
{
"criteria": "cpe:2.3:a:avaya:messaging_storage_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFB58B84-4CAA-4BE6-943D-2F53F7B8A568"
}
],
"operator": "OR"
}
]
}
]