CVE-2004-0966

Currently unrated

Key Information:

Vendor: Gnu
Status: Gettext
Vendor: CVE Published:; 9 February 2005

Summary

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

References

http://www.redhat.com/archives/fedora-legacy-announce/200...

vendor-advisoryx_refsource_FEDORA

http://marc.info/?l=bugtraq&m=110382652226638&w=2

vendor-advisoryx_refsource_OPENPKG

http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml

vendor-advisoryx_refsource_GENTOO

Timeline

Vulnerability published
Feb 9, 2005
Vulnerability Reserved
Oct 19, 2004