CVE-2004-0967

Trustix Secure Linux <2.1 - Local File Overwrite

Title source: llm

Description

The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files.

References (13)

Core 13

Core References

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10284

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17583

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19799

Vendor Advisory vendor-advisory x_refsource_trustix

http://www.trustix.org/errata/2004/0050

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20056

Issue Tracking x_refsource_confirm

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136321

Various Sources vendor-advisory x_refsource_sco

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.23/SCOSA-2006.23.txt

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/16997

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2005-081.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17135

Vendor Advisory vendor-advisory x_refsource_ubuntu

https://www.ubuntu.com/usn/usn-3-1/

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11285

Various Sources vendor-advisory x_refsource_sco

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.19/SCOSA-2006.19.txt

Scores

EPSS 0.0047

EPSS Percentile 37.3%

Details

CWE

CWE-59

Status published

Products (18)

aladdin_enterprises/ghostscript 4.3

aladdin_enterprises/ghostscript 4.3.2

aladdin_enterprises/ghostscript 5.10.10 (2 CPE variants)

aladdin_enterprises/ghostscript 5.10.10_1 (2 CPE variants)

aladdin_enterprises/ghostscript 5.10.12cl

aladdin_enterprises/ghostscript 5.10.15

aladdin_enterprises/ghostscript 5.10.16

aladdin_enterprises/ghostscript 5.10cl

aladdin_enterprises/ghostscript 5.50

aladdin_enterprises/ghostscript 5.50.8

... and 8 more

Published Feb 09, 2005

Tracked Since Feb 18, 2026