ID de Prueba:	1.3.6.1.4.1.25623.1.0.800730
Categoría:	Privilege escalation
Título:	Bournal < 1.4.1 Privilege Escalation Vulnerability
Resumen:	Bournal is prone to a privilege escalation vulnerability.
Descripción:	Summary: Bournal is prone to a privilege escalation vulnerability. Vulnerability Insight: The flaw exists while using temporary files in an insecure manner, which may allow attackers to overwrite arbitrary files via symlink attacks when running the update check via the '--hack_the_gibson' parameter. Vulnerability Impact: Successful exploitation will allow attackers to perform certain actions with escalated privileges. Affected Software/OS: Bournal prior to version 1.4.1. Solution: Update to version 1.4.1 or later. CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0118 BugTraq ID: 38353 http://www.securityfocus.com/bid/38353 Bugtraq: 20100222 Secunia Research: Bournal Insecure Temporary Files Security Issue (Google Search) http://www.securityfocus.com/archive/1/509685/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036764.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036701.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036697.html http://secunia.com/secunia_research/2010-6/ http://secunia.com/advisories/38554 http://secunia.com/advisories/38814
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.