CVE-2002-2323

7.5HIGH

Key Information:

Vendor: Oracle
Status: Solaris Pc Netlink
Vendor: CVE Published:; 31 December 2002

Summary

Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.iss.net/security_center/static/9665.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/5281

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002

.