VDB
CVE-2001-0529
CVE-2001-0529
PUBLISHED
CVSS 7.199999809265137 HIGH
OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack.
EPSS 0.17% · 37.5th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
0.17%
37.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| openbsd | openssh | 0 |
Timeline
- Aug 14, 2001 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
References
- IMNX-2001-70-034-01 vendor-advisory
- openssh-symlink-file-deletion(6676) vdb
- 20010612 vendor-advisory
- 20010604 SSH allows deletion of other users files... mailing-list
- 20010604 Re: SSH allows deletion of other users files... mailing-list
- 20010605 OpenSSH_2.5.2p2 RH7.0 <- version info mailing-list
- NetBSD-SA2001-010 vendor-advisory
- CSSA-2001-023.0 vendor-advisory
- VU#655259 third-party-advisory
- 2825 vdb
- 1853 vdb
- CLA-2001:431 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2001-0529 advisory