2 matches found
CVE-2005-2180
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files...
CVE-2005-2180
CVE-2005-2180 concerns the GNATS generator, where in GNATS 4.0/4.1.0 (and possibly earlier) if the binary is installed setuid, it fails to properly validate files passed to the -o option and opens the target with write access, enabling a local user to overwrite arbitrary files. This is the core c...