Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1167

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1167
Last Modified 10 Sep 2008 03:29:26
Published 10 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1167

Summary

mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack.

Vulnerable Systems

Application

  • Gentoo Mirrorselect 0.80

  • Gentoo Mirrorselect 0.81

  • Gentoo Mirrorselect 0.82

  • Gentoo Mirrorselect 0.83

  • Gentoo Mirrorselect 0.84

  • Gentoo Mirrorselect 0.85

  • Gentoo Mirrorselect 0.86

  • Gentoo Mirrorselect 0.87

  • Gentoo Mirrorselect 0.88


References

GENTOO - GLSA-200412-05

XF - mirrorselect-symlink(18382)

SECUNIA - 13392


Last Updated: 27 May 2016 10:38:55