CVE-2001-1277 — LOW (2.1) — White Hats Nepal

Q: What is CVE-2001-1277?

CVE-2001-1277 is a vulnerability with a CVSS score of 2.1 (LOW). makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.

Q: How severe is CVE-2001-1277?

CVE-2001-1277 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2001-1277?

Check the references section above for vendor advisories and patch information. Affected products include: Wolfram Schneider Makewhatis.

Vulnerability Description

makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Wolfram Schneider	Makewhatis	<= 1.5i2

References

http://marc.info/?l=bugtraq&m=99227597227747&w=2
http://www.redhat.com/support/errata/RHSA-2001-072.htmlPatchVendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=41805
http://marc.info/?l=bugtraq&m=99227597227747&w=2
http://www.redhat.com/support/errata/RHSA-2001-072.htmlPatchVendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=41805

FAQ

What is CVE-2001-1277?

CVE-2001-1277 is a vulnerability with a CVSS score of 2.1 (LOW). makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.

How severe is CVE-2001-1277?

CVE-2001-1277 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2001-1277?

Check the references section above for vendor advisories and patch information. Affected products include: Wolfram Schneider Makewhatis.