CVE-2004-1179

Description

The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories.

Affected products

• Debian / debmake3.6 – 3.6.10

References

• MISChttp://www.securityfocus.com/bid/12078
• MISChttp://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2004-12/0645.html
• VENDOR_ADVISORYhttp://www.debian.org/security/2004/dsa-615
• VENDOR_ADVISORYhttp://secunia.com/advisories/13633/
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/18646