CVE-2004-0974
published 2005-02-09CVE-2004-0974: The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack…
PriorityP45low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.39%
31.2th percentile
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | netatalk | < netatalk 1.6.4a-1 (bullseye) | netatalk 1.6.4a-1 (bullseye) |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux_corporate_server | — | — |
| netatalk | netatalk | >= 0 < 1.6.4a-1 | 1.6.4a-1 |
| netatalk | netatalk | >= 0 < 1.6.4a-1 | 1.6.4a-1 |
| netatalk | netatalk | >= 0 < 1.6.4a-1 | 1.6.4a-1 |
| netatalk | open_source_apple_file_share_protocol_suite | — | — |
| netatalk | open_source_apple_file_share_protocol_suite | — | — |
| netatalk | open_source_apple_file_share_protocol_suite | — | — |
| redhat | fedora_core | — | — |
| redhat | fedora_core | — | — |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
osv2.1LOW
vendor_debian2.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9c82-ch3h-p2hf: The netatalk package in Trustix Secure Linux 1
ghsa_unreviewed·2022-04-29
CVE-2004-0974 [LOW] GHSA-9c82-ch3h-p2hf: The netatalk package in Trustix Secure Linux 1
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
OSV
CVE-2004-0974: The netatalk package in Trustix Secure Linux 1
osv·2005-02-09·CVSS 2.1
CVE-2004-0974 [LOW] CVE-2004-0974: The netatalk package in Trustix Secure Linux 1
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Debian
CVE-2004-0974: netatalk - The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other...
vendor_debian·2004·CVSS 2.1
CVE-2004-0974 [LOW] CVE-2004-0974: netatalk - The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other...
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Scope: local
bullseye: resolved (fixed in 1.6.4a-1)
forky: resolved (fixed in 1.6.4a-1)
sid: resolved (fixed in 1.6.4a-1)
trixie: resolved (fixed in 1.6.4a-1)
No detection rules found.
No public exploits indexed.
http://www.gentoo.org/security/en/glsa/glsa-200410-25.xmlhttp://www.trustix.org/errata/2004/0050https://exchange.xforce.ibmcloud.com/vulnerabilities/17583http://www.gentoo.org/security/en/glsa/glsa-200410-25.xmlhttp://www.trustix.org/errata/2004/0050https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
2005-02-09
Published