1. CVE-Search
  2. CVE-2005-0159
ID CVE-2005-0159
Summary The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
References
Vulnerable Configurations
  • cpe:2.3:a:debian:toolchain-source:3.0.3-1:*:*:*:*:*:*:*
    cpe:2.3:a:debian:toolchain-source:3.0.3-1:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:toolchain-source:3.0.3-2:*:*:*:*:*:*:*
    cpe:2.3:a:debian:toolchain-source:3.0.3-2:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:toolchain-source:3.0.3-3:*:*:*:*:*:*:*
    cpe:2.3:a:debian:toolchain-source:3.0.3-3:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:toolchain-source:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:debian:toolchain-source:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*
CVSS
Base: 4.6 (as of 11-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 12540
debian DSA-679
secunia 14277
xf toolchain-source-symlink(19317)
Last major update 11-07-2017 - 01:32
Published 27-04-2005 - 04:00
Last modified 11-07-2017 - 01:32
Back to Top