CVE-2004-1382Glibc vulnerability

8 documents7 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 75.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Glibc
Timeline
PublishedDec 31
Latest updateApr 29

Description

The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

Debiangnu/glibc< 2.3.2.ds1-19+3
NVDgnu/glibc26 versions+25

Patches

Patch: www.debian.orgPatch: www.debian.org

🔴Vulnerability Details

3
GHSA
GHSA-rmvw-6cmx-qgfg: The glibcbug script in glibc 22022-04-29
CVEList
CVE-2004-1382: The glibcbug script in glibc 22005-02-06
OSV
CVE-2004-1382: The glibcbug script in glibc 22004-12-31

📋Vendor Advisories

2
Red Hat
security flaw2004-10-24
Debian
CVE-2004-1382: glibc - The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite a...2004

💬Community

1
Bugzilla
CVE-2004-1382 security flaw2018-08-16
CVE-2004-1382 — GNU Glibc vulnerability | cvebase