- Description
- iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name.
- Source
- security@ubuntu.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-59
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:suse_linux:10:sp2:enterprise:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DC820C5-6283-4EB7-A5C7-B28EFEFC3926"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux:11:-:enterprise:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB545D91-1C4C-4692-B01A-B8DAE4A958BE"
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C35B68DF-1440-4587-8458-9C5F4D1E43F3"
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883"
}
],
"operator": "OR"
}
]
}
]