Vulnerability Description
ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d".
CVSS Score
6.2
MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rildo Pragana | Ml85P | All versions |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0029.html
- http://www.idefense.com/advisory/01.21.03.txtExploitPatchVendor Advisory
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:010
- http://www.securityfocus.com/archive/1/307608/30/26270/threaded
- http://www.securitytracker.com/id?1005959
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0029.html
- http://www.idefense.com/advisory/01.21.03.txtExploitPatchVendor Advisory
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:010
- http://www.securityfocus.com/archive/1/307608/30/26270/threaded
- http://www.securitytracker.com/id?1005959
FAQ
What is CVE-2003-0036?
CVE-2003-0036 is a vulnerability with a CVSS score of 6.2 (MEDIUM). ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "ml...
How severe is CVE-2003-0036?
CVE-2003-0036 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0036?
Check the references section above for vendor advisories and patch information. Affected products include: Rildo Pragana Ml85P.