Description
Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Kris Kennaway · textlocalunix
https://www.exploit-db.com/exploits/20212
References (9)
Core 9
Core References
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1659
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5213
Third Party Advisory vendor-advisory
x_refsource_mandrake
http://archives.neohapsis.com/archives/bugtraq/2000-09/0328.htm
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2000/20001008
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2000-077.html
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/esound_daemon_race_condition.html
Vendor Advisory vendor-advisory
x_refsource_freebsd
http://archives.neohapsis.com/archives/freebsd/2000-08/0365.html
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-10/0118.html
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-09/0095.html
Scores
EPSS
0.0005
EPSS Percentile
15.7%
Details
CWE
CWE-362
Status
published
Products (1)
gnome/esound
0.2.19
Published
Nov 14, 2000
Tracked Since
Feb 18, 2026