CVE-2004-1167
CVE-2004-1167 affects mirrorselect prior to 0.89, which creates temporary files in a world-writable directory with predictable names. This enables symlink attacks to overwrite arbitrary files when mirrorselect runs—potentially gaining the rights of the invoking user (often root). Public sources (...