| Vulnerability Name: | CVE-2004-0108 (CCN-15437) | ||||||||||||||||||||
| Assigned: | 2004-03-10 | ||||||||||||||||||||
| Published: | 2004-03-10 | ||||||||||||||||||||
| Updated: | 2017-10-10 | ||||||||||||||||||||
| Summary: | The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107. | ||||||||||||||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)
| ||||||||||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||
| Vulnerability Consequences: | File Manipulation | ||||||||||||||||||||
| References: | Source: SGI Type: Patch 20040302-01-U Source: MITRE Type: CNA CVE-2004-0108 Source: CCN Type: sysstat Web page Sysstat Home Page Source: CCN Type: RHSA-2004-053 sysstat security update Source: CCN Type: CIAC Information Bulletin O-097 Red Hat Sysstat Packages contain Vulnerability Source: DEBIAN Type: UNKNOWN DSA-460 Source: DEBIAN Type: DSA-460 sysstat -- insecure temporary file Source: CCN Type: GLSA-200404-04 Multiple vulnerabilities in sysstat Source: CCN Type: Trustix Secure Linux Security Advisory #2004-0011 sysstat Source: CCN Type: GLSA 200404-04 Multiple vulnerabilities in sysstat Source: REDHAT Type: Patch, Vendor Advisory RHSA-2004:053 Source: BID Type: Patch, Vendor Advisory 9844 Source: CCN Type: BID-9844 Sysstat Isag Temporary File Creation Vulnerability Source: XF Type: UNKNOWN sysstat-isag-symlink(15437) Source: XF Type: UNKNOWN sysstat-isag-symlink(15437) | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||