CVE-2002-1516

3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.1%

top 79.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SGI Irix

Timeline

PublishedApr 2

Latest updateMay 3

Description

rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDsgi/irix23 versions+22

Patches

Patch: www.ciac.org ↗Patch: www.iss.net ↗Patch: www.ciac.org ↗

🔴Vulnerability Details

GHSA

GHSA-cvgv-4v7x-cwc9: rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack↗2022-05-03

▶

CVEList

CVE-2002-1516: rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack↗2004-09-01

▶