Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0996

8 documents7 sources

Severity

2.1LOW

EPSS

0.6%

top 31.72%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Cscope Cscope Debian Debian Linux SCO Unixware

Timeline

PublishedJan 10

Latest updateApr 29

Description

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶Debiancscope< 15.5-1.1+3

▶NVDcscope/cscope5 versions+4

▶NVDsco/unixware7.1.1, 7.1.3, 7.1.4+2

Also affects: Debian Linux 3.0

Patches

Patch: www.debian.org ↗Patch: www.securityfocus.com ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-g9x5-fv34-9wx2: main↗2022-04-29

▶

OSV

CVE-2004-0996: main↗2005-01-10

▶

CVEList

CVE-2004-0996: main↗2004-12-01

▶

💥Exploits & PoCs

Exploit-DB

Cscope 13.0/15.x - Insecure Temporary File Creation (2)↗2004-11-17

▶

Exploit-DB

Cscope 13.0/15.x - Insecure Temporary File Creation (1)↗2004-11-17

▶

📋Vendor Advisories

Debian

CVE-2004-0996: cscope - main.c in cscope 15-4 and 15-5 creates temporary files with predictable filename...↗2004

▶

Red Hat

CVE-2004-0996: main↗

▶