CVE-2002-0137

UNRATEDJSON export Create alert

Description

CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.

Affected products

andreas_mueller / cdrdao1.1.4 – 1.1.4
andreas_mueller / cdrdao1.1.5 – 1.1.5

References

MAILING_LISThttp://marc.info/?l=bugtraq&m=101102759631000&w=2
MISChttp://www.securityfocus.com/bid/3865