Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2605

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-2605
Last Modified 05 Sep 2008 04:44:36
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2605

Summary

aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files.

Vulnerable Systems

Application

  • Astats 1.6.5


References

XF - astats-symlink(18698)

BID - 12128

OSVDB - 12632

MLIST - [Debian-audit] 20041229 More temporary filenames/dirs related bugs

SECUNIA - 13679

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287604


Last Updated: 27 May 2016 10:39:33