Vulnerability Description
OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file by creating a symbolic link to that file.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Omnisecure | Httprotect | 1.1.1 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0357.htmlPatchVendor Advisory
- http://www.omnisecure.com/security-alert.htmlURL Repurposed
- http://www.osvdb.org/5452
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6880
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0357.htmlPatchVendor Advisory
- http://www.omnisecure.com/security-alert.htmlURL Repurposed
- http://www.osvdb.org/5452
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6880
FAQ
What is CVE-2001-1172?
CVE-2001-1172 is a vulnerability with a CVSS score of 4.6 (MEDIUM). OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file by creating a symbolic link to that file.
How severe is CVE-2001-1172?
CVE-2001-1172 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1172?
Check the references section above for vendor advisories and patch information. Affected products include: Omnisecure Httprotect.