Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0968

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0968
Last Modified 21 Aug 2010 12:21:33
Published 09 Feb 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0968

Summary

The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux Desktop 3.0

Application

  • Gnu Glibc 2.0

  • Gnu Glibc 2.0.1

  • Gnu Glibc 2.0.2

  • Gnu Glibc 2.0.3

  • Gnu Glibc 2.0.4

  • Gnu Glibc 2.0.5

  • Gnu Glibc 2.0.6

  • Gnu Glibc 2.1

  • Gnu Glibc 2.1.1

  • Gnu Glibc 2.1.1.6

  • Gnu Glibc 2.1.2

  • Gnu Glibc 2.1.3

  • Gnu Glibc 2.1.3.10

  • Gnu Glibc 2.1.9

  • Gnu Glibc 2.2

  • Gnu Glibc 2.2.1

  • Gnu Glibc 2.2.2

  • Gnu Glibc 2.2.3

  • Gnu Glibc 2.2.4

  • Gnu Glibc 2.2.5

  • Gnu Glibc 2.3

  • Gnu Glibc 2.3.1

  • Gnu Glibc 2.3.10

  • Gnu Glibc 2.3.2

  • Gnu Glibc 2.3.3

  • Gnu Glibc 2.3.4


References

BID - 11286

XF - script-temporary-file-overwrite(17583)

TRUSTIX - 2004-0050

REDHAT - RHSA-2005:261

REDHAT - RHSA-2004:586

DEBIAN - DSA-636

GENTOO - GLSA-200410-19

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318

UBUNTU - USN-4-1


Last Updated: 27 May 2016 10:38:50