PT-2002-1284 · Xinet · Xinet K-Ashare

Published

2002-05-16

Updated

2016-10-18

CVE-2002-0213

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Xinet K-AShare version 0.011.01 for IRIX

Description The issue allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

Recommendations For Xinet K-AShare version 0.011.01, consider restricting access to the VOLICON file to prevent symlink attacks until a patch is available. As a temporary workaround, avoid using the shared directory feature that copies the VOLICON file to the .HSicon file.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0213

Affected Products

Xinet K-Ashare

PT-2002-1284 · Xinet · Xinet K-Ashare

CVE-2002-0213

Related Identifiers

Affected Products

References · 5