Symlink Vulnerability in Gentoolkit by Gentoo
CVE-2004-1108

Currently unrated

Key Information:

Vendor: Gentoo
Status: Linux
Vendor: CVE Published:; 10 January 2005

What is CVE-2004-1108?

The Gentoolkit application prior to version 0.2.0_pre10 is susceptible to a symlink attack, allowing local users to overwrite arbitrary files in a temporary directory. This security flaw enables perpetrators to manipulate symlinks, potentially compromising system integrity and confidentiality. Users are advised to update to the latest version of Gentoolkit to mitigate this risk.

References

http://secunia.com/advisories/13108/

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/17968

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/11617

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Nov 30, 2004