CVE-2002-2001

Published: Dec 31, 2002Modified: Apr 16, 2026

1.2

Vector

AV:L/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 1.9 / Impact: 2.9

Source: NVD

Description

jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.

Affected (2)

Products: Jmcce: Jmcce · Mandrakesoft: Mandrake Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Jmcce Jmcce	Version 1.3.8

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Mandrakesoft Mandrake Linux	Version 8.1

References (6)

http://www.iss.net/security_center/static/7980.php

Source: cve@mitre.org

Patch

http://www.mandriva.com/security/advisories?name=MDKSA-2002:008

Source: cve@mitre.org

http://www.securityfocus.com/bid/3940

Source: cve@mitre.org

Patch

http://www.iss.net/security_center/static/7980.php

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.mandriva.com/security/advisories?name=MDKSA-2002:008

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3940

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.