Local File Overwrite Vulnerability in GNU Gettext Package Used by Trustix Secure Linux
CVE-2004-0966

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
9 February 2005

Summary

The GNU Gettext package versions 1.14 and later, utilized in Trustix Secure Linux 1.5 through 2.1, is susceptible to a local file overwrite vulnerability. This security issue arises from the autopoint and gettextize scripts allowing local users to create a symlink attack. By exploiting temporary file permissions, an attacker can overwrite files on the system, potentially leading to unauthorized access or denial of service. Organizations using affected versions should implement remediation measures to mitigate any potential risks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.