RSS   Vulnerabilities for 'Policyd-weight'   RSS

2008-03-31
 
CVE-2008-1570

CWE-362
 

 
Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the symbolic link check occurs. NOTE: this is due to an incomplete fix for CVE-2008-1569.

 
 
CVE-2008-1569

CWE-59
 

 
policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket.

 


Copyright 2024, cxsecurity.com

 

Back to Top