CVE-1999-1541

shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file.

Published Bycve@mitre.org

Published DateOct 04, 1999, 04:00

Weakness Type (CWE):NVD-CWE-Other

CVSS Metrics

Base Score

7.2

Vector String

AV:L/AC:L/Au:N/C:C/I:C/A:C

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

COMPLETE

Integrity (I)

COMPLETE

Availability (A)

COMPLETE

References

http://marc.info/?l=bugtraq&m=93916168802365&w=2
http://www.atstake.com/research/advisories/1999/shell-lock.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/3358

Weakness Type (CWE):NVD-CWE-Other

CVSS Metrics

Base Score

7.2

Vector String

AV:L/AC:L/Au:N/C:C/I:C/A:C

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

COMPLETE

Integrity (I)

COMPLETE

Availability (A)

COMPLETE