PT-2012-2124 · Bokken · Bokken
Paul Wise · Published 2012-08-31 · Updated 2012-09-05
CVE-2011-5146
CVSS v2.0: 2.6 (Low)
Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Bokken versions prior to 1.6
Bokken versions 1.5-x prior to 1.5-3
Description
The issue allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot.
Recommendations
For versions prior to 1.6, update to version 1.6 or later.
For versions 1.5-x prior to 1.5-3, update to version 1.5-3 or later.
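The weakness class behind this entry, writing to a fixed name in a shared temporary directory, is shown below next to two safer ways to create the file. This is an added example and not Bokken's code: the function names are hypothetical, and the constructed scenario runs in a private sandbox directory rather than the real /tmp.

```python
import os
import tempfile
from pathlib import Path

NAME = "graph.dot"  # file name from the advisory; the directory is a parameter


def write_fixed_path(directory, data):
    """Weak pattern: predictable name, and open() follows a symlink left there."""
    path = os.path.join(directory, NAME)
    with open(path, "w") as fh:
        fh.write(data)
    return path


def write_exclusive(directory, data):
    """Same name, but O_EXCL refuses any existing entry, symlinks included."""
    path = os.path.join(directory, NAME)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path


def write_private_temp(data):
    """Preferred: mkstemp picks an unpredictable name, O_EXCL, mode 0600."""
    fd, path = tempfile.mkstemp(prefix="graph-", suffix=".dot")
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path


def demo():
    """Constructed scenario in a private sandbox directory, not the real /tmp."""
    sandbox = tempfile.mkdtemp()
    other = Path(sandbox, "other-users-file")
    other.write_text("original")
    os.symlink(other, os.path.join(sandbox, NAME))  # link present before the write
    try:
        write_exclusive(sandbox, "digraph {}")
        refused = False
    except FileExistsError:
        refused = True
    intact = other.read_text() == "original"      # exclusive create left it alone
    write_fixed_path(sandbox, "digraph {}")
    clobbered = other.read_text() == "digraph {}"  # plain open() wrote through
    return refused, intact, clobbered
```

`demo()` returns `(True, True, True)`: the exclusive create is refused and leaves the linked file untouched, while the fixed-path write replaces its contents.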
Fix
Link Following
Weakness Enumeration
Related Identifiers
Affected Products
Bokken