CVE-2005-3011

Опубликовано: 21 сент. 2005

Источник: nvd

CVSS2: 1.2

EPSS Низкий

Описание

The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Ссылки

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:01.texindex.asc
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328365
Exploit
http://docs.info.apple.com/article.html?artnum=305530
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://secunia.com/advisories/16816
Vendor Advisory
http://secunia.com/advisories/17070
Vendor Advisory
http://secunia.com/advisories/17076
Vendor Advisory
http://secunia.com/advisories/17093
Vendor Advisory
http://secunia.com/advisories/17211
Vendor Advisory
http://secunia.com/advisories/17215
Vendor Advisory
http://secunia.com/advisories/18401
Vendor Advisory
http://secunia.com/advisories/22929
Vendor Advisory
http://secunia.com/advisories/23112
Vendor Advisory
http://secunia.com/advisories/24788
Vendor Advisory
http://secunia.com/advisories/25402
Vendor Advisory
http://securitytracker.com/id?1014992
http://securitytracker.com/id?1015468
http://www.debian.org/security/2006/dsa-1219

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnu:texinfo:*:*:*:*:*:*:*:*

Версия до 4.8 (включая)

EPSS

Процентиль: 13%

0.00043

Низкий

1.2 Low

CVSS2

Дефекты

CWE-59

Связанные уязвимости

CVE-2005-3011

ubuntu

почти 20 лет назад

The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVE-2005-3011

redhat

больше 25 лет назад

The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVE-2005-3011

debian

почти 20 лет назад

The sort_offline function for texindex in texinfo 4.8 and earlier allo ...

GHSA-98qq-6f93-2rg7

github

больше 3 лет назад

The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

BDU:2015-06074

fstec

почти 19 лет назад

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 13%

0.00043

Низкий

1.2 Low

CVSS2

Дефекты

CWE-59