CVE-2002-0435 Information

Feb 14, 2021 cve

Description

Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted which causes fileutils to chdir to a ..\ directory that is higher than expected possibly up to the root file system.

Reference

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html http://www.iss.net/security_center/static/8432.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php http://www.redhat.com/support/errata/RHSA-2003-015.html http://www.redhat.com/support/errata/RHSA-2003-016.html http://www.securityfocus.com/archive/1/260936 http://www.securityfocus.com/bid/4266

Share on: