Directory Traversal and Symlink Attack Vulnerability in getdbm Procedure of ypxfrd

Directory Traversal and Symlink Attack Vulnerability in getdbm Procedure of ypxfrd

CVE-2002-1199 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

Learn more about our User Device Pen Test.