Lucene search

K

[email protected]NVD:CVE-2004-0966

HistoryFeb 09, 2005 - 5:00 a.m.

CVE-2004-0966

2005-02-0905:00:00

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Affected configurations

NVD

Node

gnugettextMatch0.14.1

Node

ubuntuubuntu_linuxMatch4.1ia64

OR

ubuntuubuntu_linuxMatch4.1ppc

References

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323

marc.info/?l=bugtraq&m=110382652226638&w=2

www.gentoo.org/security/en/glsa/glsa-200410-10.xml

www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00000.html

www.securityfocus.com/bid/11282

www.trustix.org/errata/2004/0050

wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:051

exchange.xforce.ibmcloud.com/vulnerabilities/17583

www.ubuntu.com/usn/usn-5-1/

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Related for NVD:CVE-2004-0966

securityvulns1 cvelist1 openvas3 cve1 gentoo1 debiancve1 nessus2 ubuntu1 ubuntucve1