CVE-2012-3453

logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
debianlogol
1.5.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
logol
bullseye
1.7.9-3
fixed
bookworm
1.7.9+dfsg-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
logol
precise
dne
oneiric
dne
natty
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683647
http://www.openwall.com/lists/oss-security/2012/08/03/8
http://www.securityfocus.com/bid/54802
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683647
http://www.openwall.com/lists/oss-security/2012/08/03/8
http://www.securityfocus.com/bid/54802