cbcvebase.
CVE-2004-0971
published 2005-02-09

CVE-2004-0971: The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to…

PriorityP46low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.33%
24.5th percentile
The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Affected

6 ranges
VendorProductVersion rangeFixed in
debiankrb5< krb5 1.13.2+dfsg-2 (bookworm)krb5 1.13.2+dfsg-2 (bookworm)
mitkerberos_5
mitkrb5>= 0 < 1.13.2+dfsg-21.13.2+dfsg-2
mitkrb5>= 0 < 1.13.2+dfsg-21.13.2+dfsg-2
mitkrb5>= 0 < 1.13.2+dfsg-21.13.2+dfsg-2
mitkrb5>= 0 < 1.13.2+dfsg-21.13.2+dfsg-2

CVSS provenance

nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
osv2.1LOW
vendor_debian2.1LOW
vendor_redhat2.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.