Vulnerability Description
rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Coast | Satan | 1.1.1 |
References
- http://marc.info/?l=bugtraq&m=90221103125976&w=2
- http://marc.info/?l=bugtraq&m=90221103125986&w=2
- http://www.iss.net/security_center/static/7167.php
- http://www.osvdb.org/3147
- http://marc.info/?l=bugtraq&m=90221103125976&w=2
- http://marc.info/?l=bugtraq&m=90221103125986&w=2
- http://www.iss.net/security_center/static/7167.php
- http://www.osvdb.org/3147
FAQ
What is CVE-1999-1037?
CVE-1999-1037 is a vulnerability with a CVSS score of 7.2 (HIGH). rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file.
How severe is CVE-1999-1037?
CVE-1999-1037 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1037?
Check the references section above for vendor advisories and patch information. Affected products include: Coast Satan.