CVE-2004-0977

Опубликовано: 09 фев. 2005

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

Ссылки

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300
Issue Tracking
http://marc.info/?l=bugtraq&m=109910073808903&w=2
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200410-16.xml
Third Party Advisory
http://www.debian.org/security/2004/dsa-577
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2004:149
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2004-489.html
Broken Link
http://www.securityfocus.com/bid/11295
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.trustix.org/errata/2004/0050
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360
Broken Link
https://www.ubuntu.com/usn/usn-6-1/
Third Party Advisory
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300
Issue Tracking
http://marc.info/?l=bugtraq&m=109910073808903&w=2
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200410-16.xml
Third Party Advisory
http://www.debian.org/security/2004/dsa-577
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2004:149
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2004-489.html
Broken Link
http://www.securityfocus.com/bid/11295
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.trustix.org/errata/2004/0050
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

Версия от 7.3.0 (включая) до 7.3.8 (исключая)

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

Версия от 7.4.0 (включая) до 7.4.6 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00088

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2004-0977

ubuntu

больше 20 лет назад

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

CVE-2004-0977

redhat

около 21 года назад

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

CVE-2004-0977

debian

больше 20 лет назад

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows ...

GHSA-6j7m-4j6m-84cw

github

больше 3 лет назад

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

BDU:2015-01133

fstec

почти 11 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие злоумышленнику нарушить целостность защищаемой информации

EPSS

Процентиль: 26%

0.00088

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other