CVE Vulnerabilities

CVE-2001-1494

Published: Dec 31, 2001 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.

Affected Software

Name Vendor Start Version End Version
Util-linux Andries_brouwer * 2.11m
Red Hat Enterprise Linux 3 RedHat util-linux-0:2.11y-31.11 *
Red Hat Enterprise Linux 4 RedHat util-linux-0:2.12a-16.EL4.12 *

References