Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0064Linux vulnerability

7 documents5 sources
Severity
2.1LOWNVD
EPSS
0.4%
top 40.24%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Suse Linux
Timeline
PublishedFeb 17
Latest updateApr 29

Description

The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-395c-rvwq-3m9g: The SuSEconfig2022-04-29
CVEList
CVE-2004-0064: The SuSEconfig2004-01-15

💥Exploits & PoCs

1
Exploit-DB
SuSE Linux 9.0 - YaST Configuration Skribt Overwrite Files2004-01-15
CVE-2004-0064 — Suse Linux vulnerability | cvebase