Back to search
CVE-2009-4135
Published: Dec 11, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[bug-coreutils] 20091208 Re: build: distcheck: do not leave a $TMPDIR/coreutils directory behind
mailing-list
x_refsource_MLIST
60853
vdb-entry
x_refsource_OSVDB
USN-2473-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20091208 CVE Request -- coreutils -- unsafe temporary directory location use
mailing-list
x_refsource_MLIST
37645
third-party-advisory
x_refsource_SECUNIA
http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=ae034822c535fa5
x_refsource_CONFIRM
37256
vdb-entry
x_refsource_BID
[oss-security] 20091208 Re: CVE Request -- coreutils -- unsafe temporary directory location use
mailing-list
x_refsource_MLIST
FEDORA-2009-13216
vendor-advisory
x_refsource_FEDORA
ADV-2009-3453
vdb-entry
x_refsource_VUPEN
FEDORA-2009-13181
vendor-advisory
x_refsource_FEDORA
37860
third-party-advisory
x_refsource_SECUNIA
gnu-core-distcheck-symlink(54673)
vdb-entry
x_refsource_XF
62226
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=545439
x_refsource_CONFIRM
[bug-coreutils] 20091209 [PATCH] doc: NEWS: mention the "make distcheck" vulnerability
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now