CVE-2001-0496 — Mandrake Linux vulnerability

5 documents5 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 79.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Linux Redhat Linux

Timeline

PublishedJun 27

Latest updateApr 30

Description

kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDredhat/linux7.1

▶NVDmandrakesoft/mandrake_linux2007

Patches

Patch: www.linux-mandrake.com ↗Patch: www.redhat.com ↗Patch: www.linux-mandrake.com ↗

🔴Vulnerability Details

GHSA

GHSA-283r-9v3h-5q9m: kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges↗2022-04-30

▶

CVEList

CVE-2001-0496: kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges↗2001-05-24

▶

📋Vendor Advisories

Red Hat

security flaw↗2001-04-30

▶

💬Community

Bugzilla

CVE-2001-0496 security flaw↗2018-08-16

▶