CVE-2003-0596

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

27/08/2003

Last modified:

03/04/2025

Description

FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.

Impact

Vector 2.0

AV:L/AC:L/Au:N/C:P/I:P/A:N CVSS v2.0 Severity and Metrics:

Base Score: 3.60 LOW
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

Attack Vector (AV): Local
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): Physical
Integrity (I): Physical
Availability (A): None

Base Score 2.0

3.60

Severity 2.0

LOW

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:a:fdclone:fdclone:2.00a:::::::*

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=186219
https://www.debian.org/security/2003/dsa-352
http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=186219
https://www.debian.org/security/2003/dsa-352