Bournal Privilege Escalation Vulnerability Network Vulnerability

Summary

This host is installed with Bournal and is prone to privilege escalation vulnerability

Impact

Successful exploitation will allow attackers to perform certain actions with escalated privileges. Impact Level: Application.

Solution

Upgarde to Bournal 1.4.1 For updates refer to http://becauseinter.net/bournal/

Insight

The flaw exists while using temporary files in an insecure manner, which may allow attackers to overwrite arbitrary files via symlink attacks when running the update check via the '--hack_the_gibson' parameter.

Affected

Bournal version prior to 1.4.1

References

http://secunia.com/advisories/38554
http://secunia.com/secunia_research/2010-6/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0118
CVSS Base Score: 3.3
AV:L/AC:M/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Bournal Privilege Escalation Vulnerability
McAfee VirusScan Enterprise Privilege Escalation Vulnerability (Windows)
Apache <= 1.3.33 htpasswd local overflow
OpenSC Security Bypass Vulnerability

Take action and discover your vulnerabilities