CVE-2002-2323

HIGH

Sun PC NetLink 1.0-1.2 - Improper Preservation of Permissions via Symbolic Link Handling

Title source: llm
STIX 2.1

Description

Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.

References (3)

Core 3
Core References
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-27807-1
Broken Link vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9665.php
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5281

Scores

CVSS v3 7.5
EPSS 0.0011
EPSS Percentile 29.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-281 CWE-59
Status published
Products (1)
sun/solaris_pc_netlink 1.0 - 1.2
Published Dec 31, 2002
Tracked Since Feb 18, 2026