Description
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by anonymous · textlocallinux
https://www.exploit-db.com/exploits/19946
References (4)
Core 4
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2000-012.html
Various Sources vendor-advisory
x_refsource_turbo
http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1232
Patch, Vendor Advisory vendor-advisory
x_refsource_caldera
ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt
Scores
EPSS
0.0011
EPSS Percentile
28.3%
Details
Status
published
Products (11)
mandrakesoft/mandrake_linux
6.1
mandrakesoft/mandrake_linux
7.0
openldap/openldap
1.2.7
openldap/openldap
1.2.8
openldap/openldap
1.2.9
openldap/openldap
1.2.10
redhat/linux
6.1 (3 CPE variants)
redhat/linux
6.2 (3 CPE variants)
turbolinux/turbolinux
4.2
turbolinux/turbolinux
4.4
... and 1 more
Published
Apr 21, 2000
Tracked Since
Feb 18, 2026