| Vulnerability Name: | CVE-2004-0058 (CCN-14214) | ||||||||
| Assigned: | 2004-01-13 | ||||||||
| Published: | 2004-01-13 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pid_antivir_$$ temporary file. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N) 1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | File Manipulation | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jan 13 2004 - 12:37:30 CST symlink vul for Antivir / Linux Version 2.0.9-9 (maybe lower) Source: MITRE Type: CNA CVE-2004-0058 Source: BUGTRAQ Type: UNKNOWN 20040113 symlink vul for Antivir / Linux Version 2.0.9-9 (maybe lower) Source: CCN Type: SA10620 H+BEDV AntiVir Insecure Temporary File Creation Vulnerability Source: SECUNIA Type: UNKNOWN 10620 Source: CCN Type: SECTRACK ID: 1008702 AntiVir Temporary File Symlink Flaw Lets Local Users Overwrite Files With Root Privileges Source: OSVDB Type: UNKNOWN 3496 Source: CCN Type: OSVDB ID: 3496 H+BEDV AntiVir Insecure Temp File Privilege Escalation Source: CCN Type: BID-9413 H+BEDV AntiVir Insecure Temporary File Creation Symbolic Link Vulnerability Source: SECTRACK Type: UNKNOWN 1008702 Source: XF Type: UNKNOWN antivir-tmpfile-insecure(14214) Source: XF Type: UNKNOWN antivir-tmpfile-insecure(14214) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||