Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0971

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0971
Last Modified 21 Aug 2010 12:21:34
Published 09 Feb 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0971

Summary

The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Vulnerable Systems

Application

  • Mit Kerberos 5-1.3.4


References

BID - 11289

GENTOO - GLSA-200410-24

XF - script-temporary-file-overwrite(17583)

TRUSTIX - 2004-0050

REDHAT - RHSA-2005:012

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304


Last Updated: 27 May 2016 10:38:50