CVE-2002-0333

medium

Description

Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument.

References

http://www.debian.org/security/2002/dsa-121

http://marc.info/?l=bugtraq&m=101494896516467&w=2

Details

Source: Mitre, NVD

Published: 2002-06-25

Updated: 2016-10-18

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N