CVE-2004-0107 Information
Description
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files a different vulnerability than CVE-2004-0108.
Reference
ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc http://www.ciac.org/ciac/bulletins/o-097.shtml http://www.osvdb.org/6884 http://www.redhat.com/support/errata/RHSA-2004-053.html http://www.redhat.com/support/errata/RHSA-2004-093.html http://www.securityfocus.com/bid/9838 https://exchange.xforce.ibmcloud.com/vulnerabilities/15428 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10737 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A849 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A862
Share on: