Description
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
References (4)
Core 4
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-636
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-261.html
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2004:159
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109899903129801&w=2
Scores
EPSS
0.0009
EPSS Percentile
24.8%
Details
Status
published
Products (26)
gnu/glibc
2.0
gnu/glibc
2.0.1
gnu/glibc
2.0.2
gnu/glibc
2.0.3
gnu/glibc
2.0.4
gnu/glibc
2.0.5
gnu/glibc
2.0.6
gnu/glibc
2.1
gnu/glibc
2.1.1
gnu/glibc
2.1.1.6
... and 16 more
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026