CVE-2004-0967 Information

Feb 14, 2021 cve

Description

The (1) pj-gs.sh (2) ps2epsi (3) pv.sh and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.

Reference

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.19/SCOSA-2006.19.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.23/SCOSA-2006.23.txt http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136321 http://secunia.com/advisories/16997 http://secunia.com/advisories/17135 http://secunia.com/advisories/19799 http://secunia.com/advisories/20056 http://www.redhat.com/support/errata/RHSA-2005-081.html http://www.securityfocus.com/bid/11285 http://www.trustix.org/errata/2004/0050 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10284 https://www.ubuntu.com/usn/usn-3-1/

Share on: