CVE-2004-0968 — Glibc vulnerability

11 documents8 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 78.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Glibc Redhat Enterprise Linux Redhat Enterprise Linux Desktop

Timeline

PublishedFeb 9

Latest updateApr 29

Description

The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶Debiangnu/glibc< 2.3.2.ds1-19+3

▶NVDgnu/glibc26 versions+25

▶NVDredhat/enterprise_linux_desktop3.0

Also affects: Enterprise Linux 3.0

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-q8m5-35w7-x258: The catchsegv script in glibc 2↗2022-04-29

▶

OSV

CVE-2004-0968: The catchsegv script in glibc 2↗2005-02-09

▶

CVEList

CVE-2004-0968: The catchsegv script in glibc 2↗2004-10-20

▶

📋Vendor Advisories

Ubuntu

Standard C library script vulnerabilities↗2004-10-28

▶

Red Hat

security flaw↗2004-10-24

▶

Red Hat

security flaw↗2004-09-30

▶

Debian

CVE-2004-0968: glibc - The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite ...↗2004

▶

💬Community

Bugzilla

CVE-2004-1382 security flaw↗2018-08-16

▶

Bugzilla

CVE-2004-0968 security flaw↗2018-08-16

▶