Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via unspecified manipulations of Smb4K's lock file, which is not properly handled by the remove_lock_file function in core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink attack on temporary files, which isn't properly handled by the writeFile function in core/smb4kfileio.cpp.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2007-02-03 15:28
Updated : 2011-03-07 18:49
NVD link : CVE-2007-0472
Mitre link : CVE-2007-0472
JSON object : View
CWE
Products Affected
smb4k
- smb4k