CVE-2001-0109
published 2001-03-12CVE-2001-0109: rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
PriorityP413low1.2CVSS 2.0
AVLACHAuNCNIPAN
EXPLOIT
EPSS
0.75%
50.4th percentile
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)
exploitdb·2001-01-13
CVE-2001-0109 SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)
SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)
---
source: https://www.securityfocus.com/bid/2207/info
rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated.
A race condition in the rctab script could allow an attacker to either gain elevated privileges, or append to and corrupt system files. This problem exists due to the insecure creation of files in the /tmp directory by the rctab script. Upon execution of the rctab script, rctab creates a subdirectory in the /tmp directory, using directory name rctmpdir.[pid of rctab process]. The script, which is normally run by root, does not check for an already existing rctmpdir.[pid of rctab pr
Exploit-DB
SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)
exploitdb·2001-01-13
CVE-2001-0109 SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)
SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)
---
source: https://www.securityfocus.com/bid/2207/info
rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated.
A race condition in the rctab script could allow an attacker to either gain elevated privileges, or append to and corrupt system files. This problem exists due to the insecure creation of files in the /tmp directory by the rctab script. Upon execution of the rctab script, rctab creates a subdirectory in the /tmp directory, using directory name rctmpdir.[pid of rctab process]. The script, which is normally run by root, does not check for an already existing rctmpdir.[pid of rctab pr
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2001-01/0226.htmlhttp://archives.neohapsis.com/archives/bugtraq/2001-01/0272.htmlhttp://www.securityfocus.com/bid/2207https://exchange.xforce.ibmcloud.com/vulnerabilities/5945http://archives.neohapsis.com/archives/bugtraq/2001-01/0226.htmlhttp://archives.neohapsis.com/archives/bugtraq/2001-01/0272.htmlhttp://www.securityfocus.com/bid/2207https://exchange.xforce.ibmcloud.com/vulnerabilities/5945
2001-03-12
Published