CVE-2012-0871 - Improper Link Resolution Before File Access ('Link Following')

Severity

63%

Complexity

34%

Confidentiality

153%

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

CVSS 2.0 Base Score 6.3. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:C/A:C).

Overview

First reported 10 years ago

2014-04-18 14:55:00

Last updated 6 years ago

2018-10-30 16:27:00

Affected Software

Lennart Poettering systemd 001

001

Lennart Poettering systemd 002

002

Lennart Poettering systemd 003

003

Lennart Poettering systemd 004

004

Lennart Poettering systemd 005

005

Lennart Poettering systemd 006

006

Lennart Poettering systemd 007

007

Lennart Poettering systemd 008

008

Lennart Poettering systemd 009

009

Lennart Poettering systemd 010

010

Lennart Poettering systemd 011

011

Lennart Poettering systemd 012

012

Lennart Poettering systemd 013

013

Lennart Poettering systemd 014

014

Lennart Poettering systemd 015

015

Lennart Poettering systemd 016

016

Lennart Poettering systemd 017

017

Lennart Poettering systemd 018

018

Lennart Poettering systemd 019

019

Lennart Poettering systemd 020

020

Lennart Poettering systemd 021

021

Lennart Poettering systemd 022

022

Lennart Poettering systemd 023

023

Lennart Poettering systemd 024

024

Lennart Poettering systemd 025

025

Lennart Poettering systemd 026

026

Lennart Poettering systemd 027

027

Lennart Poettering systemd 028

028

Lennart Poettering systemd 029

029

Lennart Poettering systemd 030

030

Lennart Poettering systemd 031

031

Lennart Poettering systemd 032

032

Lennart Poettering systemd 033

033

Lennart Poettering systemd 034

034

Lennart Poettering systemd 035

035

Lennart Poettering systemd 036

036

OpenSUSE 12.1

12.1

References

http://cgit.freedesktop.org/systemd/systemd/commit/?id=fc3c1c6e091ea16ad5600b145201ec535bbb5d7c

SUSE-SA:2012:001

79768

https://bugzilla.novell.com/show_bug.cgi?id=747154

https://bugzilla.redhat.com/show_bug.cgi?id=795853

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.