Vulnerabilities > CVE-2004-0404 - Unspecified vulnerability in Psionic Logcheck

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

nessus

NVD

Published: 2004-07-07

Updated: 2024-11-20

Summary

logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.

Part	Description	Count
Application	Psionic Psionic Logcheck *	1

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2004-155.NASL
description	A vulnerability was discovered in the logcheck program by Christian Jaeger. This could potentially lead to a local attacker overwriting files with root privileges. The updated packages have been patched to prevent the problem.
last seen	2020-06-01
modified	2020-06-02
plugin id	16036
published	2004-12-23
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/16036
title	Mandrake Linux Security Advisory : logcheck (MDKSA-2004:155)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-488.NASL
description	Christian Jaeger reported a bug in logcheck which could potentially be exploited by a local user to overwrite files with root privileges. logcheck utilized a temporary directory under /var/tmp without taking security precautions. While this directory is created when logcheck is installed, and while it exists there is no vulnerability, if at any time this directory is removed, the potential for exploitation exists.
last seen	2020-06-01
modified	2020-06-02
plugin id	15325
published	2004-09-29
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15325
title	Debian DSA-488-1 : logcheck - insecure temporary directory