Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2918

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2918
Last Modified 05 Sep 2008 04:52:59
Published 15 Sep 2005 04:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2918

Summary

The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file.

Vulnerable Systems

Application

  • Gtkdiskfree 1.9.3


References

MISC - http://www.zataz.net/adviso/gtkdiskfree-09052005.txt

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=104565

GENTOO - GLSA-200510-01

DEBIAN - DSA-822

SECUNIA - 17056

SECUNIA - 17005

SECUNIA - 16951

BUGTRAQ - 20050915 gtkdiskfree insecure temporary file creation


Last Updated: 27 May 2016 10:40:40