MidnightBSD

Advisories for scott_parish

CVE-2002-0144 HIGH

Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
scott_parish chuid 1.2
scott_parish chuid 1.1
scott_parish chuid 1.0
CVE-2002-0145 HIGH

chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
scott_parish chuid 1.2
scott_parish chuid 1.1
scott_parish chuid 1.0