RSS   Vulnerabilities for 'Aegis-web'   RSS

2008-11-05
 
CVE-2008-4938

CWE-59
 

 
aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts.

 

 >>> Vendor: Aegis 2 Products
Aegis
Aegis-web


Copyright 2024, cxsecurity.com

 

Back to Top