First published: Sun Jul 10 2005(Updated: )
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU GNATS | =4.0 | |
GNU GNATS | =4.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.