Symlink Attack Vulnerability in Cfengine by Cfengine
CVE-2005-3137

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
5 October 2005

Summary

The cfmailfilter and cfcron.in files in Cfengine 1.6.5 are susceptible to a symlink attack, allowing local users to overwrite arbitrary files by exploiting temporary files. This raises significant security concerns as attackers can manipulate file system permissions and compromise system integrity. Prompt patching and proper permission management are essential to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.