CVE-2004-0559

Name of the Vulnerable Software and Affected Versions Usermin versions 1.070 through 1.080 Usermin versions prior to 1.090

Description The issue allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory. Multiple vulnerabilities in the usermin package can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For versions 1.070 and 1.080, consider updating to a version later than 1.080 to mitigate the risk. For versions prior to 1.090, update to version 1.090 or later to resolve the issue. As a temporary workaround, consider restricting access to the /tmp/.usermin directory to minimize the risk of exploitation.