mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-01 11:01:35 +02:00
0xMarcio
852 B
852 B
CVE-2004-0233
Description
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
POC
Reference
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979
Github
No PoCs found on GitHub currently.