Back to search
CVE-2004-2097
Published: May 27, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20040122 Re: [SuSE 9.0] possible symlink attacks in some scripts
mailing-list
x_refsource_BUGTRAQ
20040121 [SuSE 9.0] possible symlink attacks in some scripts
mailing-list
x_refsource_BUGTRAQ
1008781
vdb-entry
x_refsource_SECTRACK
suse-multiple-symlink-attack(14963)
vdb-entry
x_refsource_XF
9457
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now