Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0966

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0966
Last Modified 05 Sep 2008 04:39:56
Published 09 Feb 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0966

Summary

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Vulnerable Systems

Operating System

  • Ubuntu Linux 4.1

Application

  • Gnu Gettext 0.14.1


References

BID - 11282

XF - script-temporary-file-overwrite(17583)

TRUSTIX - 2004-0050

GENTOO - GLSA-200410-10

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323

MANDRIVA - MDKSA-2006:051

FEDORA - FLSA:136323

OPENPKG - OpenPKG-SA-2004.055

UBUNTU - USN-5-1


Last Updated: 27 May 2016 10:38:50