Symlink Vulnerability in Texinfo Affects Apple and Various Linux Distributions
CVE-2005-3011

Currently unrated

Key Information:

Vendor: Gnu
Status: Texinfo
Vendor: CVE Published:; 21 September 2005

What is CVE-2005-3011?

The sort_offline function in Texinfo versions 4.8 and earlier is susceptible to a local file overwrite vulnerability through a symlink attack. This flaw allows local users to create symlink files that can point to arbitrary system files, enabling them to overwrite crucial files with undesired content. Consequently, it is essential for system administrators and users of affected versions to implement proper security measures to mitigate potential exploitation.

References

http://docs.info.apple.com/article.html?artnum=305530

x_refsource_CONFIRM

http://www.ubuntu.com/usn/usn-194-1

vendor-advisoryx_refsource_UBUNTU

http://www.redhat.com/support/errata/RHSA-2006-0727.html

vendor-advisoryx_refsource_REDHAT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 21, 2005
Vulnerability Reserved
Sep 21, 2005

Gnu

What is CVE-2005-3011?

References

Timeline