CVE-2005-1856 — LOW (2.1) — White Hats Nepal

Vulnerability Description

The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Sukria	Backup Manager	0.5.6

References

http://www.debian.org/security/2005/dsa-787PatchVendor Advisory
http://www.debian.org/security/2005/dsa-787PatchVendor Advisory

FAQ

What is CVE-2005-1856?

CVE-2005-1856 is a vulnerability with a CVSS score of 2.1 (LOW). The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack.

How severe is CVE-2005-1856?

CVE-2005-1856 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-1856?

Check the references section above for vendor advisories and patch information. Affected products include: Sukria Backup Manager.