CVE-2001-1494 : script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardl

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.

Published 2001-12-31 05:00:00

Updated 2024-01-26 17:16:53

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2001-1494

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2001-1494

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:P/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None

CWE ids for CVE-2001-1494

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2001-1494

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723

404 Not Found
Broken Link
http://www.redhat.com/support/errata/RHSA-2005-782.html

Support
Broken Link;Vendor Advisory
http://secunia.com/advisories/16785

About Secunia Research | Flexera
Broken Link
http://seclists.org/bugtraq/2001/Dec/0123.html

Bugtraq: Silly 'script' hardlink bug
Mailing List;Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7718

util-linux (script) command hardlink can be used to overwrite files CVE-2001-1494 Vulnerability Report
Third Party Advisory;VDB Entry
http://secunia.com/advisories/18502

About Secunia Research | Flexera
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm

Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/16280

Broken Link;Third Party Advisory;VDB Entry
http://seclists.org/bugtraq/2001/Dec/0122.html

Bugtraq: Silly 'script' hardlink bug - fixed
Mailing List;Third Party Advisory

Products affected by CVE-2001-1494

Avaya » Cvlan
cpe:2.3:a:avaya:cvlan:*:*:*:*:*:*:*:*
Matching versions
Avaya » Interactive Response
cpe:2.3:a:avaya:interactive_response:*:*:*:*:*:*:*:*
Matching versions
Avaya » Message Networking
cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*
Matching versions
Avaya » Messaging Storage Server
cpe:2.3:a:avaya:messaging_storage_server:*:*:*:*:*:*:*:*
Matching versions
Avaya » Integrated Management Suit
cpe:2.3:a:avaya:integrated_management_suit:*:*:*:*:*:*:*:*
Matching versions
Avaya » Intuity Lx
cpe:2.3:a:avaya:intuity_lx:*:*:*:*:*:*:*:*
Matching versions
Kernel » Util-linux
Versions before (<) 2.11n
cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2001-1494

Exploit prediction scoring system (EPSS) score for CVE-2001-1494

CVSS scores for CVE-2001-1494

CWE ids for CVE-2001-1494

References for CVE-2001-1494

Products affected by CVE-2001-1494