Local File Deletion Vulnerability in Lintian by Debian
CVE-2004-1000

Currently unrated

Key Information:

Vendor: Debian
Status: Lintian
Vendor: CVE Published:; 10 January 2004

Summary

Lintian versions 1.23 and earlier are susceptible to a local file deletion vulnerability, where the tool inadvertently removes the working directory even if it was not created by Lintian. This flaw allows local users to exploit symlink attacks, enabling them to delete arbitrary files or directories on the system. Such behavior poses significant risks when unprivileged users can manipulate sensitive areas of the file system, leading to data loss or service disruption.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18808

vdb-entryx_refsource_XF

http://secunia.com/advisories/13771

third-party-advisoryx_refsource_SECUNIA

http://www.debian.org/security/2004/dsa-630

vendor-advisoryx_refsource_DEBIAN

Timeline

Vulnerability Reserved
Nov 2, 2004
Vulnerability published
Jan 10, 2004