Local Privilege Escalation via Symlink Attack in cfengine 1.6.5 and 2.1.16

Local Privilege Escalation via Symlink Attack in cfengine 1.6.5 and 2.1.16

CVE-2005-2960 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.

Learn more about our User Device Pen Test.