CVE-2005-2180

2005-07-11T04:00:00
ID CVE-2005-2180
Type cve
Reporter cve@mitre.org
Modified 2016-10-18T03:25:00

Description

gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.