PT-2003-1736 · Fdclone · Fdclone

Tatsuya Kinoshita

Published

2003-07-25

Updated

2016-12-08

CVE-2003-0596

CVSS v2.0

3.6

Low

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: FDclone versions 2.00a through 2.01

Description: The issue allows local users to read or modify files of other FDclone users by creating a temporary directory with a predictable name ahead of time. This is possible because FDclone creates temporary directories with predictable names and uses them if they already exist.

Recommendations: For FDclone versions 2.00a through 2.01, consider updating to version 2.02a or later to resolve the issue. As a temporary workaround, restrict access to the temporary directories used by FDclone to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0596

DSA-352

Affected Products

Fdclone

PT-2003-1736 · Fdclone · Fdclone

CVE-2003-0596

Related Identifiers

Affected Products

References · 6