Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0256

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0256
Last Modified 05 Sep 2008 04:37:56
Published 23 Nov 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0256

Summary

GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp.

Vulnerable Systems

Application

  • Gnu Libtool 1.0

  • Gnu Libtool 1.1

  • Gnu Libtool 1.2

  • Gnu Libtool 1.3

  • Gnu Libtool 1.3.2

  • Gnu Libtool 1.3.3

  • Gnu Libtool 1.3.4

  • Gnu Libtool 1.3.5

  • Gnu Libtool 1.4

  • Gnu Libtool 1.4.1

  • Gnu Libtool 1.4.2

  • Gnu Libtool 1.4.3

  • Gnu Libtool 1.5


References

BID - 9530

XF - libtool-insecure-temp-directory(15017)

BUGTRAQ - 20040130 Symlink Vulnerability in GNU libtool <1.5.2

OSVDB - 3795

MISC - http://www.geocrawler.com/mail/msg.php3?msg_id=3438808&list=405

SECUNIA - 10777

CONECTIVA - CLA-2004:811


Last Updated: 27 May 2016 10:38:32