CVE Vulnerabilities

CVE-2006-6382

Published: Dec 07, 2006 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:L/AC:L/Au:S/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The control panel for Positive Software H-Sphere before 2.5.0 RC3 creates log files in a users directory with insecure permissions, which allows local users to append log data to arbitrary files via a symlink attack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected Software

Name Vendor Start Version End Version
H-sphere Positive_software 2.4.3 2.4.3

References