CVE-2004-0977

2005-02-0905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

postgresql

cve-2004-0977

symlink attack

information security

nvd

5.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

CPENameOperatorVersion
postgresql:postgresqlpostgresqllt7.3.8
postgresql:postgresqlpostgresqllt7.4.6
trustix:secure_linuxtrustix secure linuxeq2.0
mandrakesoft:mandrake_linux_corporate_servermandrakesoft mandrake linux corporate servereq2.1
redhat:enterprise_linux_desktopredhat enterprise linux desktopeq3.0
redhat:enterprise_linuxredhat enterprise linuxeq3.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq9.2
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.1
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.0
trustix:secure_linuxtrustix secure linuxeq2.1

CPE	Name	Operator	Version
postgresql:postgresql	postgresql	lt	7.3.8
postgresql:postgresql	postgresql	lt	7.4.6
trustix:secure_linux	trustix secure linux	eq	2.0
mandrakesoft:mandrake_linux_corporate_server	mandrakesoft mandrake linux corporate server	eq	2.1
redhat:enterprise_linux_desktop	redhat enterprise linux desktop	eq	3.0
redhat:enterprise_linux	redhat enterprise linux	eq	3.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	9.2
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.1
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.0
trustix:secure_linux	trustix secure linux	eq	2.1