PT-2000-1787 · Gnome · Gnome Esound

Published

2000-11-14

Updated

2017-10-10

CVE-2000-0864

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions GNOME esound versions 0.2.19 and earlier

Description A race condition exists in the creation of a Unix domain socket, allowing a local user to change the permissions of arbitrary files and directories, and gain additional privileges via a symlink attack.

Recommendations For versions 0.2.19 and earlier, update to a version later than 0.2.19 to resolve the issue.

Exploit

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2000-0864

Affected Products

Gnome Esound

PT-2000-1787 · Gnome · Gnome Esound

CVE-2000-0864

Weakness Enumeration

Related Identifiers

Affected Products

References · 11