Description
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
References (3)
Core 3
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10516
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16392
Various Sources vendor-advisory
x_refsource_mandrake
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060
Scores
EPSS
0.0008
EPSS Percentile
23.2%
Details
Status
published
Products (7)
gnu/ksymoops
2.4.5
gnu/ksymoops
2.4.8
gnu/ksymoops
2.4.9
mandrakesoft/mandrake_linux
9.1 (2 CPE variants)
mandrakesoft/mandrake_linux
9.2 (2 CPE variants)
mandrakesoft/mandrake_linux
10.0 (2 CPE variants)
mandrakesoft/mandrake_linux_corporate_server
2.1 (2 CPE variants)
Published
Aug 06, 2004
Tracked Since
Feb 18, 2026