← back
CVE-2004-0851

CVE-2004-0851

EPSS 0.3%
The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://exorsus.net/projects/net-acct/net-acct-notempfiles.patchhttp://marc.info/?l=bugtraq&m=109466910232385&w=2http://secunia.com/advisories/12476https://exchange.xforce.ibmcloud.com/vulnerabilities/17283http://www.debian.org/security/2004/dsa-559http://www.securityfocus.com/bid/11125