Local File Overwrite Vulnerability in GNU Gettext Package Used by Trustix Secure Linux
CVE-2004-0966
Currently unrated
Summary
The GNU Gettext package versions 1.14 and later, utilized in Trustix Secure Linux 1.5 through 2.1, is susceptible to a local file overwrite vulnerability. This security issue arises from the autopoint and gettextize scripts allowing local users to create a symlink attack. By exploiting temporary file permissions, an attacker can overwrite files on the system, potentially leading to unauthorized access or denial of service. Organizations using affected versions should implement remediation measures to mitigate any potential risks.
References
Timeline
Vulnerability published
Vulnerability Reserved