PT-2002-2986 · Akfingerd · Akfingerd
Published
2002-12-31
·
Updated
2017-07-29
·
CVE-2002-2274
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
akfingerd version 0.5
Description:
The issue allows local users to read arbitrary files as the akfingerd user via a symlink attack on the .plan file.
Recommendations:
For akfingerd version 0.5, consider restricting access to the .plan file to prevent symlink attacks until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Akfingerd