Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0969

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0969
Last Modified 05 Sep 2008 04:39:57
Published 09 Feb 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0969

Summary

The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Vulnerable Systems

Operating System

  • Gentoo Linux

  • Ubuntu Linux 4.1

Application

  • Gnu Groff 1.19


References

BID - 11287

GENTOO - GLSA-200411-15

XF - script-temporary-file-overwrite(17583)

TRUSTIX - 2004-0050

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136313

MANDRIVA - MDKSA-2006:038

SECUNIA - 18764


Last Updated: 27 May 2016 10:38:50