1. Home
  2. CVE Database
  3. CVE-2006-4233
LOW · 3.6

CVE-2006-4233

Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in t...

Vulnerability Description

Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config.

CVSS Score

3.6

LOW

AV:L/AC:L/Au:N/C:P/I:P/A:N
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
GlobusGlobus Toolkit3.2.0

References

FAQ

What is CVE-2006-4233?

CVE-2006-4233 is a vulnerability with a CVSS score of 3.6 (LOW). Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in t...

How severe is CVE-2006-4233?

CVE-2006-4233 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-4233?

Check the references section above for vendor advisories and patch information. Affected products include: Globus Globus Toolkit.