CVE-2005-2180
3 documents3 sources
Severity
2.1LOW
EPSS
0.1%
top 79.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 11
Latest updateMay 1
Description
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.
CVSS vector
AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9