CVE-2004-0974

Description

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Affected products

• mandrakesoft / mandrake_linux10.1 – 10.1
• mandrakesoft / mandrake_linux10.0 – 10.0
• mandrakesoft / mandrake_linux10.1 – 10.1
• mandrakesoft / mandrake_linux9.2 – 9.2
• mandrakesoft / mandrake_linux9.2 – 9.2
• mandrakesoft / mandrake_linux10.0 – 10.0
• mandrakesoft / mandrake_linux_corporate_server2.1 – 2.1
• mandrakesoft / mandrake_linux_corporate_server2.1 – 2.1
• Netatalk / open_source_apple_file_share_protocol_suite1.5_pre6 – 1.5_pre6
• Netatalk / open_source_apple_file_share_protocol_suite1.6.1 – 1.6.1
• Netatalk / open_source_apple_file_share_protocol_suite1.6.4 – 1.6.4
• RedHat / fedora_corecore_2.0 – core_2.0
• RedHat / fedora_corecore_3.0 – core_3.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/17583
• MISChttp://www.trustix.org/errata/2004/0050
• MISChttp://www.gentoo.org/security/en/glsa/glsa-200410-25.xml