CVE-2005-1879
MEDIUMLutelWall < 0.98 - Arbitrary File Overwrite via Symlink Attack on Temporary File
Title source: llmDescription
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
References (8)
Core 8
Core References
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200506-10.xml
Broken Link x_refsource_confirm
http://firewall.lutel.pl/download/0.98/ChangeLog
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014112
Not Applicable mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034424.html
Broken Link x_refsource_misc
http://www.zataz.net/adviso/lutelwall-05222005.txt
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15647
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15665
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13863
Scores
CVSS v3
5.5
EPSS
0.0039
EPSS Percentile
30.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-59
Status
published
Products (1)
lutel/lutelwall
< 0.98
Published
Jun 09, 2005
Tracked Since
Feb 18, 2026