CVE-2004-0966
First published: Wed Oct 20 2004(Updated: )
The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNU gettext | =0.14.1 | |
| Ubuntu Ubuntu Linux | =4.1 | |
| Ubuntu Ubuntu Linux | =4.1 | |
| ubuntu/gettext | <0.14.5-2ubuntu3 | 0.14.5-2ubuntu3 |
| ubuntu/gettext | <0.14.5-2ubuntu3 | 0.14.5-2ubuntu3 |
| ubuntu/gettext | <0.14.5-2ubuntu3 | 0.14.5-2ubuntu3 |
| debian/gettext | 0.21-4 0.21-12 0.22.5-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/11282
- http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml
- http://www.trustix.org/errata/2004/0050
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323
- http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00000.html
- http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:051
- http://marc.info/?l=bugtraq&m=110382652226638&w=2
- https://www.ubuntu.com/usn/usn-5-1/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
- https://ubuntu.com/security/notices/USN-5-1
- https://www.cve.org/CVERecord?id=CVE-2004-0966
- https://nvd.nist.gov/vuln/detail/CVE-2004-0966
- https://launchpad.net/bugs/cve/CVE-2004-0966
- https://security-tracker.debian.org/tracker/CVE-2004-0966
- https://ubuntu.com/security/CVE-2004-0966
- http://marc.info/?l=bugtraq&m=110382652226638&w=2
- collector/nvd-historical
- vendor/gnu
- product/gettext
- canonical/gnu gettext
- vendor/ubuntu
- product/ubuntu linux
- canonical/ubuntu ubuntu linux
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/severity
- agent/remedy
- agent/weakness
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- agent/first-publish-date
- agent/description
- collector/launchpad-cve
- source/Launchpad
- collector/nvd-cve
- source/NVD
- agent/author
- agent/references
- agent/event
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- version/gnu gettext/0.14.1
- version/ubuntu ubuntu linux/4.1
- package-manager/ubuntu
- package-manager/debian