CVE-2004-0108
sysstat - Arbitrary File Overwrite via Symlink Attack on Temporary Files
Title source: llmDescription
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
References (5)
Core 5
Core References
Patch vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-053.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2004/dsa-460
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9844
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15437
Scores
EPSS
0.0008
EPSS Percentile
22.7%
Details
Status
published
Products (12)
redhat/sysstat
4.0.7-3
sgi/propack
2.3
sgi/propack
2.4
sysstat/sysstat
4.0.7
sysstat/sysstat
4.1.1
sysstat/sysstat
4.1.2
sysstat/sysstat
4.1.3
sysstat/sysstat
4.1.4
sysstat/sysstat
4.1.5
sysstat/sysstat
4.1.6
... and 2 more
Published
Apr 15, 2004
Tracked Since
Feb 18, 2026