CVE-2002-0044

5 documents5 sources
Severity
3.6LOW
EPSS
0.1%
top 65.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
GNU EnscriptDebian Debian LinuxRedhat Linux
Timeline
PublishedJan 31
Latest updateApr 30

Description

GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages2 packages

NVDgnu/enscript1.6.1
NVDredhat/linux6 versions+5

Also affects: Debian Linux 2.2

🔴Vulnerability Details

2
GHSA
GHSA-rcv5-2pf2-pw75: GNU Enscript 12022-04-30
CVEList
CVE-2002-0044: GNU Enscript 12002-06-25

📋Vendor Advisories

1
Red Hat
security flaw2002-01-14

💬Community

1
Bugzilla
CVE-2002-0044 security flaw2018-08-16
CVE-2002-0044 (LOW CVSS 3.6) | GNU Enscript 1.6.1 and earlier allo | cvebase.io