Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1387

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-1387
Last Modified 10 Sep 2008 03:30:05
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-1387

Summary

The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.

Vulnerable Systems

Application

  • Apache Http Server 1.3.31


References

XF - apache-checkforensic-symlink(18993)

SECUNIA - 13925

UBUNTU - USN-65-1

MLIST - [debian-apache] 20050119 Bug#290974: marked as done (apache: Temporary usage bugs that can be used in symlink attacks)


Last Updated: 27 May 2016 10:39:01