Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0108

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2004-0108
Last Modified 05 Sep 2008 04:37:32
Published 15 Apr 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0108

Summary

The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.

Vulnerable Systems

Application

  • Redhat Sysstat 4.0.7-3

  • Sgi Propack 2.3

  • Sgi Propack 2.4

  • Sysstat 4.0.7

  • Sysstat 4.1.1

  • Sysstat 4.1.2

  • Sysstat 4.1.3

  • Sysstat 4.1.4

  • Sysstat 4.1.5

  • Sysstat 4.1.6

  • Sysstat 4.1.7

  • Sysstat 5.0.1


References

BID - 9844

REDHAT - RHSA-2004:053

SGI - 20040302-01-U

XF - sysstat-isag-symlink(15437)

DEBIAN - DSA-460


Last Updated: 27 May 2016 10:38:28