In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://bugzilla.suse.com/show_bug.cgi?id=1117592 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: microfocus
Published: 2019-03-15T20:00:00Z
Updated: 2024-09-16T23:50:26.375Z
Reserved: 2018-10-03T00:00:00
Link: CVE-2018-17955
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-03-15T20:29:00.557
Modified: 2023-11-07T02:54:35.933
Link: CVE-2018-17955
Redhat
No data.