Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0977

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0977
Last Modified 21 Aug 2010 12:21:34
Published 09 Feb 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0977

Summary

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 10.0

  • Mandrakesoft Mandrake Linux 10.1

  • Mandrakesoft Mandrake Linux 9.2

  • Mandrakesoft Mandrake Linux Corporate Server 2.1

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux Desktop 3.0

  • Trustix Secure Linux 2.0

  • Trustix Secure Linux 2.1

Application

  • Postgresql 7.2.1

  • Postgresql 7.4.3

  • Postgresql 7.4.5


References

BID - 11295

DEBIAN - DSA-577

XF - script-temporary-file-overwrite(17583)

TRUSTIX - 2004-0050

REDHAT - RHSA-2004:489

GENTOO - GLSA-200410-16

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300

MANDRAKE - MDKSA-2004:149

OPENPKG - OpenPKG-SA-2004.046

UBUNTU - USN-6-1


Last Updated: 27 May 2016 10:38:50