CVE-2004-0966 Information

Description

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

Reference

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323 http://marc.info/?l=bugtraq&m=110382652226638&w=2 http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00000.html http://www.securityfocus.com/bid/11282 http://www.trustix.org/errata/2004/0050 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:051 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://www.ubuntu.com/usn/usn-5-1/