Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4691

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-4691
Last Modified 05 Sep 2008 04:57:33
Published 31 Dec 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4691

Summary

imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.

Vulnerable Systems

Operating System

  • Netbsd 1.6

  • Netbsd 1.6.1

  • Netbsd 1.6.2

  • Netbsd 2.0

  • Netbsd 2.0.1

  • Netbsd 2.0.2


References

BID - 15263

OSVDB - 20731

SECTRACK - 1015132

CONFIRM - http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html

MLIST - [netbsd-announce] 20051031 Announcing update 2.0.3 - source only

NETBSD - 2005-009


Last Updated: 27 May 2016 10:41:24