CVE-2004-1377

Currently unrated

Key Information:

Vendor
Gnu
Status
A2ps
Vendor
CVE Published:
27 December 2004

Summary

The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.

References

http://www.gentoo.org/security/en/glsa/glsa-200501-02.xml
vendor-advisoryx_refsource_GENTOO
http://www.securityfocus.com/bid/12109
vdb-entryx_refsource_BID
http://www.vuxml.org/freebsd/9168253c-5a6d-11d9-a9e7-0001...
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.