Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0974

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0974
Last Modified 10 Sep 2008 03:28:25
Published 09 Feb 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0974

Summary

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 10.0

  • Mandrakesoft Mandrake Linux 10.1

  • Mandrakesoft Mandrake Linux 9.2

  • Mandrakesoft Mandrake Linux Corporate Server 2.1

  • Redhat Fedora Core Core 2.0

  • Redhat Fedora Core Core 3.0

Application

  • Netatalk Open Source Apple File Share Protocol Suite 1.5 Pre6

  • Netatalk Open Source Apple File Share Protocol Suite 1.6.1

  • Netatalk Open Source Apple File Share Protocol Suite 1.6.4


References

GENTOO - GLSA-200410-25

XF - script-temporary-file-overwrite(17583)

TRUSTIX - 2004-0050


Last Updated: 27 May 2016 10:38:50