What is the severity of CVE-2005-0610?

CVE-2005-0610 is classified as a high severity vulnerability due to its potential to allow arbitrary file overwrites and execution of arbitrary code.

How do I fix CVE-2005-0610?

To remediate CVE-2005-0610, it is recommended to update to the latest version of portupgrade that includes the necessary security patches.

Who is affected by CVE-2005-0610?

CVE-2005-0610 affects local users of FreeBSD systems running vulnerable versions of portupgrade.

What types of attacks can CVE-2005-0610 facilitate?

CVE-2005-0610 may facilitate attacks that allow local users to overwrite arbitrary files or replace packages, leading to potential system compromise.

Are multiple versions of FreeBSD impacted by CVE-2005-0610?

Yes, CVE-2005-0610 affects several versions of FreeBSD, including 4.0 to 5.4, particularly those prior to the patch release.

Vulnerability/
CVE-2005-0610

high

7.2

CWE

NVD-CWE-Other

12/4/2005

13/4/2005

7/8/2024

CVE-2005-0610

First published: Tue Apr 12 2005(Updated: )

Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file.

Credit: secteam@freebsd.org

Affected Software	Affected Version	How to fix
FreeBSD FreeBSD	=4.0
FreeBSD FreeBSD	=4.0-alpha
FreeBSD FreeBSD	=4.0-releng
FreeBSD FreeBSD	=4.1
FreeBSD FreeBSD	=4.1.1
FreeBSD FreeBSD	=4.1.1-release
FreeBSD FreeBSD	=4.1.1-stable
FreeBSD FreeBSD	=4.2
FreeBSD FreeBSD	=4.2-stable
FreeBSD FreeBSD	=4.3
FreeBSD FreeBSD	=4.3-release
FreeBSD FreeBSD	=4.3-release_p38
FreeBSD FreeBSD	=4.3-releng
FreeBSD FreeBSD	=4.3-stable
FreeBSD FreeBSD	=4.4
FreeBSD FreeBSD	=4.4-release_p42
FreeBSD FreeBSD	=4.4-releng
FreeBSD FreeBSD	=4.4-stable
FreeBSD FreeBSD	=4.5
FreeBSD FreeBSD	=4.5-release
FreeBSD FreeBSD	=4.5-release_p32
FreeBSD FreeBSD	=4.5-releng
FreeBSD FreeBSD	=4.5-stable
FreeBSD FreeBSD	=4.6
FreeBSD FreeBSD	=4.6-release
FreeBSD FreeBSD	=4.6-release_p20
FreeBSD FreeBSD	=4.6-releng
FreeBSD FreeBSD	=4.6-stable
FreeBSD FreeBSD	=4.6.2
FreeBSD FreeBSD	=4.7
FreeBSD FreeBSD	=4.7-release
FreeBSD FreeBSD	=4.7-release_p17
FreeBSD FreeBSD	=4.7-releng
FreeBSD FreeBSD	=4.7-stable
FreeBSD FreeBSD	=4.8
FreeBSD FreeBSD	=4.8-pre-release
FreeBSD FreeBSD	=4.8-release_p6
FreeBSD FreeBSD	=4.8-releng
FreeBSD FreeBSD	=4.9
FreeBSD FreeBSD	=4.9-pre-release
FreeBSD FreeBSD	=4.9-releng
FreeBSD FreeBSD	=4.10
FreeBSD FreeBSD	=4.10-release
FreeBSD FreeBSD	=4.10-releng
FreeBSD FreeBSD	=4.11-stable
FreeBSD FreeBSD	=5.0
FreeBSD FreeBSD	=5.0-alpha
FreeBSD FreeBSD	=5.0-release_p14
FreeBSD FreeBSD	=5.0-releng
FreeBSD FreeBSD	=5.1
FreeBSD FreeBSD	=5.1-alpha
FreeBSD FreeBSD	=5.1-release
FreeBSD FreeBSD	=5.1-release_p5
FreeBSD FreeBSD	=5.1-releng
FreeBSD FreeBSD	=5.2
FreeBSD FreeBSD	=5.2.1-release
FreeBSD FreeBSD	=5.2.1-releng
FreeBSD FreeBSD	=5.3
FreeBSD FreeBSD	=5.3-release
FreeBSD FreeBSD	=5.3-releng
FreeBSD FreeBSD	=5.3-stable
FreeBSD FreeBSD	=5.4-pre-release
FreeBSD FreeBSD	=5.4-release

Remedy

http://secunia.com/advisories/14903

Remedy

http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-0610?
CVE-2005-0610 is classified as a high severity vulnerability due to its potential to allow arbitrary file overwrites and execution of arbitrary code.
How do I fix CVE-2005-0610?
To remediate CVE-2005-0610, it is recommended to update to the latest version of portupgrade that includes the necessary security patches.
Who is affected by CVE-2005-0610?
CVE-2005-0610 affects local users of FreeBSD systems running vulnerable versions of portupgrade.
What types of attacks can CVE-2005-0610 facilitate?
CVE-2005-0610 may facilitate attacks that allow local users to overwrite arbitrary files or replace packages, leading to potential system compromise.
Are multiple versions of FreeBSD impacted by CVE-2005-0610?
Yes, CVE-2005-0610 affects several versions of FreeBSD, including 4.0 to 5.4, particularly those prior to the patch release.

collector/nvd-index
collector/nvd-historical
agent/first-publish-date
agent/softwarecombine
agent/remedy
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/last-modified-date
agent/tags
agent/severity
agent/references
agent/description
agent/event
agent/source
vendor/freebsd
canonical/freebsd freebsd
version/freebsd freebsd/4.0
version/freebsd freebsd/4.0-alpha
version/freebsd freebsd/4.0-releng
version/freebsd freebsd/4.1
version/freebsd freebsd/4.1.1
version/freebsd freebsd/4.1.1-release
version/freebsd freebsd/4.1.1-stable
version/freebsd freebsd/4.2
version/freebsd freebsd/4.2-stable
version/freebsd freebsd/4.3
version/freebsd freebsd/4.3-release
version/freebsd freebsd/4.3-release_p38
version/freebsd freebsd/4.3-releng
version/freebsd freebsd/4.3-stable
version/freebsd freebsd/4.4
version/freebsd freebsd/4.4-release_p42
version/freebsd freebsd/4.4-releng
version/freebsd freebsd/4.4-stable
version/freebsd freebsd/4.5
version/freebsd freebsd/4.5-release
version/freebsd freebsd/4.5-release_p32
version/freebsd freebsd/4.5-releng
version/freebsd freebsd/4.5-stable
version/freebsd freebsd/4.6
version/freebsd freebsd/4.6-release
version/freebsd freebsd/4.6-release_p20
version/freebsd freebsd/4.6-releng
version/freebsd freebsd/4.6-stable
version/freebsd freebsd/4.6.2
version/freebsd freebsd/4.7
version/freebsd freebsd/4.7-release
version/freebsd freebsd/4.7-release_p17
version/freebsd freebsd/4.7-releng
version/freebsd freebsd/4.7-stable
version/freebsd freebsd/4.8
version/freebsd freebsd/4.8-pre-release
version/freebsd freebsd/4.8-release_p6
version/freebsd freebsd/4.8-releng
version/freebsd freebsd/4.9
version/freebsd freebsd/4.9-pre-release
version/freebsd freebsd/4.9-releng
version/freebsd freebsd/4.10
version/freebsd freebsd/4.10-release
version/freebsd freebsd/4.10-releng
version/freebsd freebsd/4.11-stable
version/freebsd freebsd/5.0
version/freebsd freebsd/5.0-alpha
version/freebsd freebsd/5.0-release_p14
version/freebsd freebsd/5.0-releng
version/freebsd freebsd/5.1
version/freebsd freebsd/5.1-alpha
version/freebsd freebsd/5.1-release
version/freebsd freebsd/5.1-release_p5
version/freebsd freebsd/5.1-releng
version/freebsd freebsd/5.2
version/freebsd freebsd/5.2.1-release
version/freebsd freebsd/5.2.1-releng
version/freebsd freebsd/5.3
version/freebsd freebsd/5.3-release
version/freebsd freebsd/5.3-releng
version/freebsd freebsd/5.3-stable
version/freebsd freebsd/5.4-pre-release
version/freebsd freebsd/5.4-release

CVE-2005-0610

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-0610?

How do I fix CVE-2005-0610?

Who is affected by CVE-2005-0610?

What types of attacks can CVE-2005-0610 facilitate?

Are multiple versions of FreeBSD impacted by CVE-2005-0610?

Company

Resources

Contact