Vulnerabilities > CVE-2004-0064 - Local Insecure File Creation Symlink vulnerability in Suse Linux 9.0

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

suse

exploit available

NVD

Published: 2004-02-17

Updated: 2016-10-18

Summary

The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.

Vulnerable Configurations

Part	Description	Count
OS	Suse Suse Suse Linux 9.0	1

Exploit-Db

description	SuSE linux 9.0 YaST config Skribt Local Exploit. CVE-2004-0064. Local exploit for linux platform
id	EDB-ID:144
last seen	2016-01-31
modified	2004-01-15
published	2004-01-15
reporter	l0om
source	https://www.exploit-db.com/download/144/
title	SuSE Linux 9.0 - YaST config Skribt Local Exploit

References

http://marc.info/?l=bugtraq&m=107402658600437&w=2
http://secunia.com/advisories/10623
http://www.osvdb.org/3460
http://www.securityfocus.com/bid/9411
http://www.securitytracker.com/id?1008703