CVE-2004-0977

The makeoidjoinscheck script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files...

USN-6-1: postgresql contributed script vulnerability

Recently, Trustix Secure Linux discovered a vulnerability in the postgresql-contrib package. The script "makeoidjoinscheck" created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the script...