Local File Overwrite Vulnerability in GNU Gettext Package Used by Trustix Secure Linux
CVE-2004-0966

Currently unrated

Key Information:

Vendor

Gnu
Status
Gettext
Vendor
CVE Published:
9 February 2005

What is CVE-2004-0966?

The GNU Gettext package versions 1.14 and later, utilized in Trustix Secure Linux 1.5 through 2.1, is susceptible to a local file overwrite vulnerability. This security issue arises from the autopoint and gettextize scripts allowing local users to create a symlink attack. By exploiting temporary file permissions, an attacker can overwrite files on the system, potentially leading to unauthorized access or denial of service. Organizations using affected versions should implement remediation measures to mitigate any potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.redhat.com/archives/fedora-legacy-announce/200...
vendor-advisoryx_refsource_FEDORA
http://marc.info/?l=bugtraq&m=110382652226638&w=2
vendor-advisoryx_refsource_OPENPKG
http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml
vendor-advisoryx_refsource_GENTOO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.