CVE-2002-0435

Name of the Vulnerable Software and Affected Versions fileutils versions 4.0 through 4.1

Description The issue is related to multiple vulnerabilities in the fileutils package, which can lead to disruption of protected information integrity. Exploitation of these vulnerabilities can be performed locally. A race condition exists in the recursive directory deletion and directory move functions, allowing local users to delete directories as the user running fileutils by manipulating directory moves during deletion, potentially affecting directories up to the root file system.

Recommendations For fileutils versions 4.0 through 4.1, consider restricting access to the directory deletion and move functions to minimize the risk of exploitation. As a temporary workaround, consider disabling the recursive directory deletion feature until a patch is available. Restrict local user privileges to prevent potential exploitation of the race condition in directory operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.