RSS   Vulnerabilities for 'Sysstat'   RSS

2007-08-14
 
CVE-2007-3852

CWE-264
 

 
The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code.

 
2004-04-15
 
CVE-2004-0108

 

 
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.

 
 
CVE-2004-0107

 

 
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.

 


Copyright 2024, cxsecurity.com

 

Back to Top